CVSS: 7.5EPSS: 5%CPEs: 4EXPL: 0CVE-2007-1278
https://notcve.org/view.php?id=CVE-2007-1278
16 Mar 2007 — Unspecified vulnerability in the IIS connector in Adobe JRun 4.0 Updater 6, and ColdFusion MX 6.1 and 7.0 Enterprise, when using Microsoft IIS 6, allows remote attackers to cause a denial of service via unspecified vectors, involving the request of a file in the JRun web root. Vulnerabilidad no especificada en el conector IIS en Adobe JRun 4.0 Updater 6, y ColdFusion MX 6.1 y 7.0 Enterprise, cuando se utiliza Microsoft IIS 6, permite a atacantes remotos provocar denegación de servicio a través de vectores n... • http://osvdb.org/34039 •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2006-6579
https://notcve.org/view.php?id=CVE-2006-6579
15 Dec 2006 — Microsoft Windows XP has weak permissions (FILE_WRITE_DATA and FILE_READ_DATA for Everyone) for %WINDIR%\pchealth\ERRORREP\QHEADLES, which allows local users to write and read files in this folder, as demonstrated by an ASP shell that has write access by IWAM_machine and read access by IUSR_Machine. Microsoft Windows XP tiene pérmisos débiles (FILE_WRITE_DATA y FILE_READ_DATA para cualquiera) para %WINDIR%\pchealth\ERRORREP\QHEADLES, lo cual permite a un usuario local escribir y leer archivos en esta carpet... • http://www.securityfocus.com/archive/1/454268/100/0/threaded •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2004-0205
https://notcve.org/view.php?id=CVE-2004-0205
14 Jul 2004 — Buffer overflow in Microsoft Internet Information Server (IIS) 4.0 allows local users to execute arbitrary code via the redirect function. Desbordamiento de búfer en Microsoft Internet Information Server (IIS) 4.0 permite a usuarios locales ejecutar código de su elección mediante la función de redirección. • http://secunia.com/advisories/12061 •
CVSS: 7.5EPSS: 5%CPEs: 3EXPL: 1CVE-2003-1342 – Trend Micro Virus Control System 1.8 - Denial of Service
https://notcve.org/view.php?id=CVE-2003-1342
31 Dec 2003 — Trend Micro Virus Control System (TVCS) 1.8 running with IIS allows remote attackers to cause a denial of service (memory consumption) in IIS via multiple URL requests for ActiveSupport.exe. • https://www.exploit-db.com/exploits/22172 • CWE-399: Resource Management Errors •
CVSS: 6.8EPSS: 8%CPEs: 2EXPL: 0CVE-2003-0223
https://notcve.org/view.php?id=CVE-2003-0223
30 May 2003 — Cross-site scripting vulnerability (XSS) in the ASP function responsible for redirection in Microsoft Internet Information Server (IIS) 4.0, 5.0, and 5.1 allows remote attackers to embed a URL containing script in a redirection message. Vulnerabilidad de secuencias de comandos en sitios cruzados en la función ASP responsable de la redirección en el Microsoft Internet Information Server (IIS) 4.0, 5.0, y 5.1 permite que atacantes remotos embeban una URL que contiene script en un mensaje de redirección. • https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-018 •
CVSS: 7.5EPSS: 42%CPEs: 2EXPL: 0CVE-2003-0225
https://notcve.org/view.php?id=CVE-2003-0225
30 May 2003 — The ASP function Response.AddHeader in Microsoft Internet Information Server (IIS) 4.0 and 5.0 does not limit memory requests when constructing headers, which allow remote attackers to generate a large header to cause a denial of service (memory consumption) with an ASP page. La función ASP Response.AddHeader en Microsoft Internet Information Server (IIS) 4.0 y 5.0 no limita peticiones de memoria cuando se construyen los encabezamientos, lo que permite que atacantes remotos generen un encabezamiento largo q... • http://marc.info/?l=ntbugtraq&m=105110606122772&w=2 •
CVSS: 7.5EPSS: 1%CPEs: 3EXPL: 0CVE-2002-1694
https://notcve.org/view.php?id=CVE-2002-1694
31 Dec 2002 — Microsoft Internet Information Server (IIS) 4.0 opens log files with FILE_SHARE_READ and FILE_SHARE_WRITE permissions, which could allow remote attackers to modify the log file contents while IIS is running. • http://online.securityfocus.com/archive/1/250591 •
CVSS: 7.5EPSS: 1%CPEs: 3EXPL: 0CVE-2002-1695
https://notcve.org/view.php?id=CVE-2002-1695
31 Dec 2002 — Norton Internet Security 2001 opens log files with FILE_SHARE_READ and FILE_SHARE_WRITE permissions, which could allow remote attackers to modify the log file contents while Norton Internet Security is running. • http://online.securityfocus.com/archive/1/250591 •
CVSS: 5.0EPSS: 19%CPEs: 5EXPL: 2CVE-2002-1790 – Microsoft IIS 4.0/5.0 - SMTP Service Encapsulated SMTP Address (MS99-027)
https://notcve.org/view.php?id=CVE-2002-1790
31 Dec 2002 — The SMTP service in Microsoft Internet Information Services (IIS) 4.0 and 5.0 allows remote attackers to bypass anti-relaying rules and send spam or spoofed messages via encapsulated SMTP addresses, a similar vulnerability to CVE-1999-0682. • https://www.exploit-db.com/exploits/21613 •
CVSS: 9.8EPSS: 27%CPEs: 2EXPL: 0CVE-2002-0869
https://notcve.org/view.php?id=CVE-2002-0869
02 Nov 2002 — Unknown vulnerability in the hosting process (dllhost.exe) for Microsoft Internet Information Server (IIS) 4.0 through 5.1 allows remote attackers to gain privileges by executing an out of process application that acquires LocalSystem privileges, aka "Out of Process Privilege Elevation." Vulnerabilidad desconocida en el proceso de anfitrión (dllhost.exe) en Microsoft Internet Information Server (IIS) 4.0 a 5.1 permite a atacantes remotos ganar privilegios ejecutando una aplicación fuera de proceso que adqui... • http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0059.html •