Lucene search
K
MicrosoftFrontpage

23 matches found

CVE
CVE
added 2004/09/17 4:0 a.m.149 views

CVE-2004-0200

CVE-2004-0200 is a buffer-overflow vulnerability in the JPEG parsing engine of Microsoft GDI+ (GDIPlus.dll). The flaw allows remote code execution when a specially crafted JPEG image is processed, with the attack vector involving JPEG data that is mis-sized during a memory copy. The vulnerability...

9.3CVSS7.6AI score0.49024EPSS
CVE
CVE
added 2000/06/15 4:0 a.m.144 views

CVE-2000-0413

The vulnerability CVE-2000-0413 affects the FrontPage Server Extensions shtml.exe component in IIS 4.0/5.0. A remote attacker can trigger an error by requesting a non-existent HTML/HTM/ASP/SHTML file, causing the server to reveal the local absolute path of the web root in the error message. This ...

5CVSS6.4AI score0.43893EPSS
CVE
CVE
added 2013/09/11 10:0 a.m.136 views

CVE-2013-3137

CVE-2013-3137 affects Microsoft FrontPage 2003 SP3. The issue arises from how FrontPage parses DTDs in XML inside FrontPage documents, causing an information-disclosure vulnerability. Remote attackers could obtain sensitive information by crafting a FrontPage document. Microsoft issued MS13-078 w...

4.3CVSS6AI score0.32444EPSS
CVE
CVE
added 2000/09/21 4:0 a.m.124 views

CVE-2000-0709

The CVE-2000-0709 issue affects Microsoft FrontPage 2000 Server Extensions 1.1, specifically the shtml.exe component. A remote attacker can trigger a denial-of-service condition by requesting a URL whose path includes a standard DOS device name, leading to partial availability impact as described...

5CVSS6.5AI score0.2539EPSS
CVE
CVE
added 1999/09/29 4:0 a.m.101 views

CVE-1999-0012

CVE-1999-0012 affects some Microsoft Windows-based web servers where remote attackers can bypass file access restrictions for files with long file names. The connected documents confirm the vulnerability description but do not provide concrete product versions, fixed versions, or remediation step...

7CVSS7.6AI score0.18196EPSS
CVE
CVE
added 2006/10/10 10:0 p.m.97 views

CVE-2006-3877

PowerPoint Malformed Record Memory Corruption Vulnerability (CVE-2006-3877) affects multiple Office suites. A remote code execution flaw exists when PowerPoint opens a specially crafted file with malformed records, allowing an attacker to gain full control of the affected system if the user runs ...

9.3CVSS7.1AI score0.12199EPSS
CVE
CVE
added 2007/02/03 1:0 a.m.92 views

CVE-2007-0671

CVE-2007-0671 is a remote-code-execution vulnerability in Microsoft Office Excel (affecting Excel 2000/XP/2003 and Mac equivalents) where a specially crafted Excel file can trigger arbitrary code execution. The vulnerability arises from improper handling/parsing of office records, enabling remote...

9.3CVSS7.5AI score0.42139EPSS
In wild
CVE
CVE
added 2000/02/23 5:0 a.m.75 views

CVE-2000-0153

The CVE-2000-0153 entry concerns FrontPage Personal Web Server (PWS). It describes a path traversal vulnerability (dot-dot attack) that allows remote attackers to read files, resulting in partial confidentiality impact. The available connected records confirm the affected product and the basic im...

5CVSS6.9AI score0.13691EPSS
CVE
CVE
added 2000/09/21 4:0 a.m.75 views

CVE-2000-0746

The CVE-2000-0746 entry concerns a Microsoft IIS XSS vulnerability affecting IIS 4.0 and 5.0. The issue arises from improper handling of unquoted script content in links returned within error messages, allowing a malicious site to craft a link that executes scripts in the context of a trusted sit...

7.5CVSS6AI score0.08553EPSS
CVE
CVE
added 2000/09/21 4:0 a.m.73 views

CVE-2000-0710

Affected product/component: Microsoft FrontPage 2000 Server Extensions 1.1, shtml.exe. Vulnerability: Remote attackers can determine the physical path of server components by requesting an invalid URL whose name includes a standard DOS device name. Impact: Information disclosure (partial). Root c...

5CVSS6.7AI score0.26383EPSS
CVE
CVE
added 2000/04/26 4:0 a.m.72 views

CVE-2000-0256

The CVE-2000-0256 entry describes buffer overflows in FrontPage 97/98 Server Extensions, specifically htimage.exe (and Imagemap.exe) that allow a remote attacker to perform actions beyond the web site’s scope. A concrete exploit path is documented for htimage.exe via /cgi-bin/htimage.exe/AAAA[......

7.5CVSS6.5AI score0.11698EPSS
CVE
CVE
added 2001/09/12 4:0 a.m.71 views

CVE-1999-1016

CVE-1999-1016 concerns the Microsoft HTML control used in Internet Explorer 5.0, FrontPage Express, Outlook Express 5, and Eudora. The vulnerability allows a remote attacker (via a malicious web site or HTML email) to trigger a denial of service by crafting large HTML form fields (e.g., text inpu...

5CVSS7.4AI score0.07702EPSS
CVE
CVE
added 1999/09/29 4:0 a.m.65 views

CVE-1999-0386

CVE-1999-0386 affects Microsoft Personal Web Server and FrontPage Personal Web Server on Windows. Connected sources confirm a remote attacker can read server files via a nonstandard URL, with additional evidence describing a traversal-like vector using multiple dot characters (e.g., dot-dot-dot s...

5CVSS6.4AI score0.19101EPSS
CVE
CVE
added 2008/07/07 11:0 p.m.65 views

CVE-2008-3068

Microsoft Crypto API 5.131.2600.2180 through 6.0 (used in Outlook, Windows Live Mail, and Office 2007) performs CRL checks by using an arbitrary URL from a certificate embedded in an S/MIME email or a signed document via the Authority Information Access (AIA) extension. This allows remote attacke...

7.5CVSS6.7AI score0.17404EPSS
CVE
CVE
added 2000/07/12 4:0 a.m.64 views

CVE-2000-0419

The Office 2000 UA ActiveX control is described as wrongly marked “safe for scripting.” This vulnerability allows an intruder to script interactions through the control’s Show Me feature, potentially disabling macro warnings and enabling arbitrary actions within Office applications (e.g., launchi...

7.5CVSS6.7AI score0.20999EPSS
CVE
CVE
added 2000/06/02 4:0 a.m.62 views

CVE-2000-0260

The CVE-2000-0260 issue is a buffer overflow in the dvwssr.dll used by Microsoft FrontPage 98 Server Extensions for IIS, exposed via InterDev 1.0 and related IIS packages. The Core Advisory CORE-041200 documents a remotely exploitable boundary error in dvwssr.dll (FrontPage 98 extensions) that ca...

7.5CVSS6.9AI score0.13893EPSS
CVE
CVE
added 2004/09/17 4:0 a.m.61 views

CVE-2004-0573

CVE-2004-0573 describes a buffer overflow in the Microsoft WordPerfect 5.x Converter used by Office 2000, Office XP, Office 2003, and Works Suite 2001–2004. The overflow occurs when reading an overly long WordPerfect 5.x document, allowing a remote attacker to execute arbitrary code with the priv...

7.5CVSS7.8AI score0.42337EPSS
CVE
CVE
added 2001/05/07 4:0 a.m.60 views

CVE-1999-0681

CVE-1999-0681: A buffer overflow in Microsoft FrontPage Server Extensions (PWS) 3.0.2.926 on Windows 95 (and possibly other versions) allows remote attackers to cause a denial of service by sending a long URL. Red Hat and CVE records confirm the same description. The exposed component is FrontPag...

5CVSS7.3AI score0.20465EPSS
CVE
CVE
added 2005/07/05 4:0 a.m.58 views

CVE-2005-2143

CVE-2005-2143 affects Microsoft Front Page; a crafted style tag in a web page can cause the application to crash (denial of service). The connected records reiterate the DoS impact but do not provide concrete exploit details, versions, or remediation steps. No explicit exploitation vectors or fix...

5CVSS6.7AI score0.03983EPSS
CVE
CVE
added 2007/06/07 9:0 p.m.57 views

CVE-2007-3109

The CVE-2007-3109 description in the connected documents identifies the CERN Image Map Dispatcher (htimage.exe) used by Microsoft FrontPage as the affected component. The vulnerability allows remote attackers to determine the existence and potentially partial contents of arbitrary files under the...

6.4CVSS6.7AI score0.10857EPSS
CVE
CVE
added 2000/02/08 5:0 a.m.56 views

CVE-2000-0122

CVE-2000-0122 affects FrontPage Server Extensions. A remote attacker can determine the physical path of a virtual directory by issuing a GET to htimage.exe, leading to information disclosure about server layout. The provided records do not specify affected versions, exact vulnerable component det...

5CVSS6.8AI score0.21474EPSS
CVE
CVE
added 2005/07/10 4:0 a.m.56 views

CVE-2004-2179

CVE-2004-2179 affects asycpict.dll used in Microsoft FrontPage 97/98; allows remote DoS by sending a JPEG with maximum height/width, causing a hang. Red Hat and CVE lists mirror the description; no remediation details are provided in the connected documents. Exploit details and fix/version inform...

5CVSS6.9AI score0.12034EPSS
CVE
CVE
added 2001/09/12 4:0 a.m.51 views

CVE-1999-1052

Microsoft FrontPage stores form results in a default location under /_private/form_results.txt, which is world-readable and accessible from the document root. This allows remote attackers to read possibly sensitive information submitted by other users. The available connected records confirm the ...

5CVSS6.6AI score0.14337EPSS