Page 5 of 95 results (0.002 seconds)

CVSS: 7.5EPSS: 40%CPEs: 2EXPL: 1

CVE-2002-0148 – Microsoft IIS 4.0/5.0 - HTTP Error Page Cross-Site Scripting

https://notcve.org/view.php?id=CVE-2002-0148

Cross-site scripting vulnerability in Internet Information Server (IIS) 4.0, 5.0 and 5.1 allows remote attackers to execute arbitrary script as other users via an HTTP error page. Vulnerabildad de secuencias de comandos en sitios cruzados (cross-site scripting) en Internet Information Server (IIS) 4.0, 5.0 y 5.1 permite a atacantes remotos ejecutar código arbitrario como otros usuarios mediatne una página de error HTTP. • https://www.exploit-db.com/exploits/21372 http://www.cert.org/advisories/CA-2002-09.html http://www.cisco.com/warp/public/707/Microsoft-IIS-vulnerabilities-MS02-018.shtml http://www.iss.net/security_center/static/8803.php http://www.kb.cert.org/vuls/id/886699 http://www.osvdb.org/3339 http://www.securityfocus.com/bid/4486 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-018 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg •

CVSS: 7.5EPSS: 96%CPEs: 2EXPL: 4

CVE-2002-0079 – Microsoft IIS 4.0/5.0 - Chunked Encoding Transfer Heap Overflow

https://notcve.org/view.php?id=CVE-2002-0079

Buffer overflow in the chunked encoding transfer mechanism in Internet Information Server (IIS) 4.0 and 5.0 Active Server Pages allows attackers to cause a denial of service or execute arbitrary code. Desbordamiento de buffer en el mecanismo de transferencia de codificación troceada (chunked encoding) en Active Server Pages (ASP) de Internet Information Server (IIS) 4.0 y 5.0, que permite a atacantes causar una denegación de servicio o ejecutar código arbitrario. • https://www.exploit-db.com/exploits/21369 https://www.exploit-db.com/exploits/21368 https://www.exploit-db.com/exploits/21370 https://www.exploit-db.com/exploits/21371 http://marc.info/?l=bugtraq&m=101846993304518&w=2 http://www.cert.org/advisories/CA-2002-09.html http://www.cisco.com/warp/public/707/Microsoft-IIS-vulnerabilities-MS02-018.shtml http://www.iss.net/security_center/static/8795.php http://www.kb.cert.org/vuls/id/610291 http://www.securityfocus •

CVSS: 5.0EPSS: 81%CPEs: 1EXPL: 0

CVE-2001-0545

https://notcve.org/view.php?id=CVE-2001-0545

IIS 4.0 with URL redirection enabled allows remote attackers to cause a denial of service (crash) via a malformed request that specifies a length that is different than the actual length. • http://www.ciac.org/ciac/bulletins/l-132.shtml http://www.osvdb.org/5736 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-044 https://exchange.xforce.ibmcloud.com/vulnerabilities/6981 •

CVSS: 7.2EPSS: 54%CPEs: 2EXPL: 2

CVE-2001-0506 – Microsoft IIS 4.0/5.0 - SSI Buffer Overrun Privilege Escalation

https://notcve.org/view.php?id=CVE-2001-0506

Buffer overflow in ssinc.dll in IIS 5.0 and 4.0 allows local users to gain system privileges via a Server-Side Includes (SSI) directive for a long filename, which triggers the overflow when the directory name is added, aka the "SSI privilege elevation" vulnerability. • https://www.exploit-db.com/exploits/21071 http://marc.info/?l=bugtraq&m=99802093532233&w=2 http://online.securityfocus.com/archive/1/242541 http://www.ciac.org/ciac/bulletins/l-132.shtml http://www.securityfocus.com/bid/3190 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-044 https://exchange.xforce.ibmcloud.com/vulnerabilities/6984 •

CVSS: 5.0EPSS: 14%CPEs: 1EXPL: 0

CVE-2001-0709

https://notcve.org/view.php?id=CVE-2001-0709

Microsoft IIS 4.0 and before, when installed on a FAT partition, allows a remote attacker to obtain source code of ASP files via a URL encoded with Unicode. • http://www.securityfocus.com/archive/1/192802 http://www.securityfocus.com/bid/2909 https://exchange.xforce.ibmcloud.com/vulnerabilities/6742 •