CVSS: 9.1EPSS: 13%CPEs: 1EXPL: 0CVE-2009-4445
https://notcve.org/view.php?id=CVE-2009-4445
29 Dec 2009 — Microsoft Internet Information Services (IIS), when used in conjunction with unspecified third-party upload applications, allows remote attackers to create empty files with arbitrary extensions via a filename containing an initial extension followed by a : (colon) and a safe extension, as demonstrated by an upload of a .asp:.jpg file that results in creation of an empty .asp file, related to support for the NTFS Alternate Data Streams (ADS) filename syntax. NOTE: it could be argued that this is a vulnerabil... • http://securitytracker.com/id?1023387 • CWE-20: Improper Input Validation •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2006-6579
https://notcve.org/view.php?id=CVE-2006-6579
15 Dec 2006 — Microsoft Windows XP has weak permissions (FILE_WRITE_DATA and FILE_READ_DATA for Everyone) for %WINDIR%\pchealth\ERRORREP\QHEADLES, which allows local users to write and read files in this folder, as demonstrated by an ASP shell that has write access by IWAM_machine and read access by IUSR_Machine. Microsoft Windows XP tiene pérmisos débiles (FILE_WRITE_DATA y FILE_READ_DATA para cualquiera) para %WINDIR%\pchealth\ERRORREP\QHEADLES, lo cual permite a un usuario local escribir y leer archivos en esta carpet... • http://www.securityfocus.com/archive/1/454268/100/0/threaded •
CVSS: 7.5EPSS: 3%CPEs: 3EXPL: 0CVE-1999-0253
https://notcve.org/view.php?id=CVE-1999-0253
01 Jan 1997 — IIS 3.0 with the iis-fix hotfix installed allows remote intruders to read source code for ASP programs by using a %2e instead of a . (dot) in the URL. • http://www.securityfocus.com/bid/1814 •
CVSS: 10.0EPSS: 33%CPEs: 1EXPL: 1CVE-1999-0233 – Microsoft IIS 1.0 / Netscape Server 1.0/1.12 / OReilly WebSite Professional 1.1b - '.cmd' / '.CMD' Remote Command Execution
https://notcve.org/view.php?id=CVE-1999-0233
25 Feb 1996 — IIS 1.0 allows users to execute arbitrary commands using .bat or .cmd files. • https://www.exploit-db.com/exploits/20445 •