Frontpage@* Security Vulnerabilities and Issues — Frontpage@* CVE List

Lucene search

MicrosoftFrontpage*

13 matches found

CVE•added 2000/06/15 4:0 a.m.•125 views

CVE-2000-0413

The shtml.exe program in the FrontPage extensions package of IIS 4.0 and 5.0 allows remote attackers to determine the physical path of HTML, HTM, ASP, and SHTML files by requesting a file that does not exist, which generates an error message that reveals the path.

5CVSS6.4AI score0.59392EPSS

CVE•added 2000/10/20 4:0 a.m.•105 views

CVE-2000-0709

The shtml.exe component of Microsoft FrontPage 2000 Server Extensions 1.1 allows remote attackers to cause a denial of service in some components by requesting a URL whose name includes a standard DOS device name.

5CVSS6.5AI score0.28943EPSS

CVE•added 1999/09/29 4:0 a.m.•83 views

CVE-1999-0012

Some web servers under Microsoft Windows allow remote attackers to bypass access restrictions for files with long file names.

7CVSS7.6AI score0.00447EPSS

CVE•added 2000/10/20 4:0 a.m.•61 views

CVE-2000-0710

The shtml.exe component of Microsoft FrontPage 2000 Server Extensions 1.1 allows remote attackers to determine the physical path of the server components by requesting an invalid URL whose name includes a standard DOS device name.

5CVSS6.7AI score0.55141EPSS

CVE•added 2000/10/20 4:0 a.m.•61 views

CVE-2000-0746

Vulnerabilities in IIS 4.0 and 5.0 do not properly protect against cross-site scripting (CSS) attacks. They allow a malicious web site operator to embed scripts in a link to a trusted site, which are returned without quoting in an error message back to the client. The client then executes those scr...

7.5CVSS6AI score0.18278EPSS

CVE•added 2000/04/26 4:0 a.m.•58 views

CVE-2000-0256

Buffer overflows in htimage.exe and Imagemap.exe in FrontPage 97 and 98 Server Extensions allow a user to conduct activities that are not otherwise available through the web site, aka the "Server-Side Image Map Components" vulnerability.

7.5CVSS6.5AI score0.34079EPSS

CVE•added 2000/02/23 5:0 a.m.•55 views

CVE-2000-0153

FrontPage Personal Web Server (PWS) allows remote attackers to read files via a .... (dot dot) attack.

5CVSS6.9AI score0.32532EPSS

CVE•added 1999/09/29 4:0 a.m.•51 views

CVE-1999-0386

Microsoft Personal Web Server and FrontPage Personal Web Server in some Windows systems allows a remote attacker to read files on the server by using a nonstandard URL.

5CVSS6.4AI score0.72573EPSS

CVE•added 2001/09/12 4:0 a.m.•49 views

CVE-1999-1016

Microsoft HTML control as used in (1) Internet Explorer 5.0, (2) FrontPage Express, (3) Outlook Express 5, and (4) Eudora, and possibly others, allows remote malicious web site or HTML emails to cause a denial of service (100% CPU consumption) via large HTML form fields such as text inputs in a tab...

5CVSS7.4AI score0.08651EPSS

CVE•added 2005/07/05 4:0 a.m.•43 views

CVE-2005-2143

Microsoft Front Page allows attackers to cause a denial of service (crash) via a crafted style tag in a web page.

5CVSS6.7AI score0.1028EPSS

CVE•added 2000/06/02 4:0 a.m.•42 views

CVE-2000-0260

Buffer overflow in the dvwssr.dll DLL in Microsoft Visual Interdev 1.0 allows users to cause a denial of service or execute commands, aka the "Link View Server-Side Component" vulnerability.

7.5CVSS6.9AI score0.22869EPSS

CVE•added 2007/06/07 9:30 p.m.•41 views

CVE-2007-3109

The CERN Image Map Dispatcher (htimage.exe) in Microsoft FrontPage allows remote attackers to determine the existence, and possibly partial contents, of arbitrary files under the web root via a relative pathname in the PATH_INFO.

6.4CVSS6.7AI score0.19989EPSS

CVE•added 2001/09/12 4:0 a.m.•37 views

CVE-1999-1052

Microsoft FrontPage stores form results in a default location in /_private/form_results.txt, which is world-readable and accessible in the document root, which allows remote attackers to read possibly sensitive information submitted by other users.

5CVSS6.6AI score0.42184EPSS