98 matches found
Microsoft FrontPage Extensions - Information Disclosure
Frontpage Server Extensions allows remote attackers to determine the name of the anonymous account via an RPC POST request to shtml.dll in the /vtibin/ virtual directory. id: CVE-2000-0114 info: name: Microsoft FrontPage Extensions - Information Disclosure author: r3naissance,matejsmycka severity...
EUVD-2003-0218
Malware in sbrugna...
EUVD-2002-1674
Malware in sbrugna...
EUVD-2003-0693
Malware in sbrugna...
EUVD-2004-0205
Malware in sbrugna...
EUVD-2024-16694
Malicious code in bioql PyPI...
CVE-2002-1718
Microsoft Internet Information Server IIS 5.1 may allow remote attackers to view the contents of a Frontpage Server Extension FPSE file, as claimed using an HTTP request for colegal.htm that contains .. dot dot sequences...
PT-2024-15915 · Microsoft · Windows +1
Name of the Vulnerable Software and Affected Versions: C•CURE 9000 Web Server affected versions not specified Microsoft Internet Information Server IIS affected versions not specified Description: Under certain circumstances, the Microsoft Internet Information Server IIS used to host the C•CURE...
VBScript RegExpComp::PnodeParse Out-Of-Bounds Read
Throughout November, I plan to release details on vulnerabilities I found in web-browsers which I've not released before. This is the sixth entry in that series. The below information is available in more detail on my blog at http://blog.skylined.nl/20161108001.html. There you can find a repro th...
VBScript CRegExp::Execute Uninitialized Memory Use
Throughout November, I plan to release details on vulnerabilities I found in web-browsers which I've not released before. This is the fifth entry in that series. The below information is available in more detail on my blog at http://blog.skylined.nl/20161107001.html. There you can find a repro th...
Microsoft IIS 5.0 IDC Extension Cross Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/5900/info A vulnerability in Microsoft Internet Information Server IIS may make cross-site scripting attacks possible. When IIS receives a request for an .idc file, the server typically returns a 404 message when the page...
Microsoft IIS 2.0/3.0 Long URL Denial of Service Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/2654/info Microsoft Internet Information Server is vulnerable to a denial of service. This particular denial of service affects versions 2.0, 3.0 and 4.0 of the server prior to service pack 4. The URL which causes this...
RSA Authentication Agent for Web Buffer Overflow (CVE-2005-1471)
The RSA Authentication Agent for Web for Internet Information Services IIS provides protection for selected web pages by securing them with the RSA SecurID authentication mechanism. When a user attempts to access a resource that is secured with the RSA SecurID, the RSA Agent authenticates the use...
Microsoft IIS 6.0 - WebDAV Remote Authentication Bypass (1)
Microsoft IIS 6.0 - WebDAV Remote Authentication Bypass 1...
Microsoft IIS 6.0 WebDAV Remote Authentication Bypass Vulnerability
Exploit for windows platform in category remote exploits =================================================================== Microsoft IIS 6.0 WebDAV Remote Authentication Bypass Vulnerability ===================================================================...
Internet Information Server and IAS ActiveX unauthorized access and DoS
ActiveX allows privileged actions to be silently executed...
Microsoft Internet Information Server 5.1 DLL请求拒绝服务漏洞
Microsoft Internet Information Server是一款流行的WEB服务程序。 Windows XP Professional Service Pack 2下的IIS 5.1处理畸形匿名HTTP请求存在问题,远程攻击者可以利用漏洞对应用程序进行拒绝服务攻击。 此问题只存在于文件夹中对脚本和可执行文件设置了执行权限的情况。提交包含"0", "1", "2", "3", "4", "5", "6", "7", "8", 或"9" 等字符的请求,可导致应用程序停止响应。 Microsoft Windows XP Tablet PC Edition SP2 Microso...
Microsoft Internet Information Server DoS
Request like http://www.example.com/vtibin/.dll/0 for virtual folders with CGI execution enabled causes server to crash and potentially leads to code execution...
Microsoft Commerce Server 2002: Logon as known user with a false password
Microsoft Commerce Server 2002: Logon as known user with a false password Vulnerable: Microsoft Windows Server 2000/2003 + Internet Information Server 5/6 + Commerce Server 2002 Discussion: Microsoft Commerce Server is used by company's who want to give customers the opportunity to change there o...
Cumulative Patch for Internet Information Services (Q327696)
Cumulative Patch for Microsoft IIS Q327696 Impact of vulnerability: Ten new vulnerabilities, the most serious of which could enable code of an attacker's choice to be run on a server. Recommendation: Users using any of the affected products should install the patch immediately. Maximum Severity...