Page 5 of 91 results (0.005 seconds)

CVSS: 7.5EPSS: 40%CPEs: 2EXPL: 1

CVE-2002-0148 – Microsoft IIS 4.0/5.0 - HTTP Error Page Cross-Site Scripting

https://notcve.org/view.php?id=CVE-2002-0148

Cross-site scripting vulnerability in Internet Information Server (IIS) 4.0, 5.0 and 5.1 allows remote attackers to execute arbitrary script as other users via an HTTP error page. Vulnerabildad de secuencias de comandos en sitios cruzados (cross-site scripting) en Internet Information Server (IIS) 4.0, 5.0 y 5.1 permite a atacantes remotos ejecutar código arbitrario como otros usuarios mediatne una página de error HTTP. • https://www.exploit-db.com/exploits/21372 http://www.cert.org/advisories/CA-2002-09.html http://www.cisco.com/warp/public/707/Microsoft-IIS-vulnerabilities-MS02-018.shtml http://www.iss.net/security_center/static/8803.php http://www.kb.cert.org/vuls/id/886699 http://www.osvdb.org/3339 http://www.securityfocus.com/bid/4486 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-018 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg •

CVSS: 7.5EPSS: 37%CPEs: 2EXPL: 0

CVE-2002-0071

https://notcve.org/view.php?id=CVE-2002-0071

Buffer overflow in the ism.dll ISAPI extension that implements HTR scripting in Internet Information Server (IIS) 4.0 and 5.0 allows attackers to cause a denial of service or execute arbitrary code via HTR requests with long variable names. Desbordamiento de buffer la extensión ISAPI ism.dll que implementa los scripts HTR en MS Internet Information Server (IIS) 4.0 y 5.0 permite a atacantes causar una denegación de servido o ejecutar código arbitrario mediante peticiones HTR con nombres de variables largos. • http://marc.info/?l=bugtraq&m=101854087828265&w=2 http://www.atstake.com/research/advisories/2002/a041002-1.txt http://www.cert.org/advisories/CA-2002-09.html http://www.cisco.com/warp/public/707/Microsoft-IIS-vulnerabilities-MS02-018.shtml http://www.iss.net/security_center/static/8799.php http://www.kb.cert.org/vuls/id/363715 http://www.osvdb.org/3325 http://www.securityfocus.com/bid/4474 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002 •

CVSS: 7.5EPSS: 96%CPEs: 2EXPL: 4

CVE-2002-0079 – Microsoft IIS 4.0/5.0 - Chunked Encoding Transfer Heap Overflow

https://notcve.org/view.php?id=CVE-2002-0079

Buffer overflow in the chunked encoding transfer mechanism in Internet Information Server (IIS) 4.0 and 5.0 Active Server Pages allows attackers to cause a denial of service or execute arbitrary code. Desbordamiento de buffer en el mecanismo de transferencia de codificación troceada (chunked encoding) en Active Server Pages (ASP) de Internet Information Server (IIS) 4.0 y 5.0, que permite a atacantes causar una denegación de servicio o ejecutar código arbitrario. • https://www.exploit-db.com/exploits/21369 https://www.exploit-db.com/exploits/21368 https://www.exploit-db.com/exploits/21370 https://www.exploit-db.com/exploits/21371 http://marc.info/?l=bugtraq&m=101846993304518&w=2 http://www.cert.org/advisories/CA-2002-09.html http://www.cisco.com/warp/public/707/Microsoft-IIS-vulnerabilities-MS02-018.shtml http://www.iss.net/security_center/static/8795.php http://www.kb.cert.org/vuls/id/610291 http://www.securityfocus •

CVSS: 5.0EPSS: 81%CPEs: 1EXPL: 0

CVE-2001-0545

https://notcve.org/view.php?id=CVE-2001-0545

IIS 4.0 with URL redirection enabled allows remote attackers to cause a denial of service (crash) via a malformed request that specifies a length that is different than the actual length. • http://www.ciac.org/ciac/bulletins/l-132.shtml http://www.osvdb.org/5736 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-044 https://exchange.xforce.ibmcloud.com/vulnerabilities/6981 •

CVSS: 7.2EPSS: 54%CPEs: 2EXPL: 2

CVE-2001-0506 – Microsoft IIS 4.0/5.0 - SSI Buffer Overrun Privilege Escalation

https://notcve.org/view.php?id=CVE-2001-0506

Buffer overflow in ssinc.dll in IIS 5.0 and 4.0 allows local users to gain system privileges via a Server-Side Includes (SSI) directive for a long filename, which triggers the overflow when the directory name is added, aka the "SSI privilege elevation" vulnerability. • https://www.exploit-db.com/exploits/21071 http://marc.info/?l=bugtraq&m=99802093532233&w=2 http://online.securityfocus.com/archive/1/242541 http://www.ciac.org/ciac/bulletins/l-132.shtml http://www.securityfocus.com/bid/3190 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-044 https://exchange.xforce.ibmcloud.com/vulnerabilities/6984 •