Lucene search
K

13 matches found

CVE
CVE
added 2000/06/15 4:0 a.m.144 views

CVE-2000-0413

The vulnerability CVE-2000-0413 affects the FrontPage Server Extensions shtml.exe component in IIS 4.0/5.0. A remote attacker can trigger an error by requesting a non-existent HTML/HTM/ASP/SHTML file, causing the server to reveal the local absolute path of the web root in the error message. This ...

5CVSS6.4AI score0.43893EPSS
CVE
CVE
added 2000/09/21 4:0 a.m.124 views

CVE-2000-0709

The CVE-2000-0709 issue affects Microsoft FrontPage 2000 Server Extensions 1.1, specifically the shtml.exe component. A remote attacker can trigger a denial-of-service condition by requesting a URL whose path includes a standard DOS device name, leading to partial availability impact as described...

5CVSS6.5AI score0.2539EPSS
CVE
CVE
added 1999/09/29 4:0 a.m.101 views

CVE-1999-0012

CVE-1999-0012 affects some Microsoft Windows-based web servers where remote attackers can bypass file access restrictions for files with long file names. The connected documents confirm the vulnerability description but do not provide concrete product versions, fixed versions, or remediation step...

7CVSS7.6AI score0.18196EPSS
CVE
CVE
added 2000/02/23 5:0 a.m.75 views

CVE-2000-0153

The CVE-2000-0153 entry concerns FrontPage Personal Web Server (PWS). It describes a path traversal vulnerability (dot-dot attack) that allows remote attackers to read files, resulting in partial confidentiality impact. The available connected records confirm the affected product and the basic im...

5CVSS6.9AI score0.13691EPSS
CVE
CVE
added 2000/09/21 4:0 a.m.75 views

CVE-2000-0746

The CVE-2000-0746 entry concerns a Microsoft IIS XSS vulnerability affecting IIS 4.0 and 5.0. The issue arises from improper handling of unquoted script content in links returned within error messages, allowing a malicious site to craft a link that executes scripts in the context of a trusted sit...

7.5CVSS6AI score0.08553EPSS
CVE
CVE
added 2000/04/26 4:0 a.m.74 views

CVE-2000-0256

The CVE-2000-0256 entry describes buffer overflows in FrontPage 97/98 Server Extensions, specifically htimage.exe (and Imagemap.exe) that allow a remote attacker to perform actions beyond the web site’s scope. A concrete exploit path is documented for htimage.exe via /cgi-bin/htimage.exe/AAAA[......

7.5CVSS6.5AI score0.11698EPSS
CVE
CVE
added 2000/09/21 4:0 a.m.73 views

CVE-2000-0710

Affected product/component: Microsoft FrontPage 2000 Server Extensions 1.1, shtml.exe. Vulnerability: Remote attackers can determine the physical path of server components by requesting an invalid URL whose name includes a standard DOS device name. Impact: Information disclosure (partial). Root c...

5CVSS6.7AI score0.26383EPSS
CVE
CVE
added 2001/09/12 4:0 a.m.71 views

CVE-1999-1016

CVE-1999-1016 concerns the Microsoft HTML control used in Internet Explorer 5.0, FrontPage Express, Outlook Express 5, and Eudora. The vulnerability allows a remote attacker (via a malicious web site or HTML email) to trigger a denial of service by crafting large HTML form fields (e.g., text inpu...

5CVSS7.4AI score0.07702EPSS
CVE
CVE
added 1999/09/29 4:0 a.m.65 views

CVE-1999-0386

CVE-1999-0386 affects Microsoft Personal Web Server and FrontPage Personal Web Server on Windows. Connected sources confirm a remote attacker can read server files via a nonstandard URL, with additional evidence describing a traversal-like vector using multiple dot characters (e.g., dot-dot-dot s...

5CVSS6.4AI score0.19101EPSS
CVE
CVE
added 2000/06/02 4:0 a.m.62 views

CVE-2000-0260

The CVE-2000-0260 issue is a buffer overflow in the dvwssr.dll used by Microsoft FrontPage 98 Server Extensions for IIS, exposed via InterDev 1.0 and related IIS packages. The Core Advisory CORE-041200 documents a remotely exploitable boundary error in dvwssr.dll (FrontPage 98 extensions) that ca...

7.5CVSS6.9AI score0.13893EPSS
CVE
CVE
added 2005/07/05 4:0 a.m.58 views

CVE-2005-2143

CVE-2005-2143 affects Microsoft Front Page; a crafted style tag in a web page can cause the application to crash (denial of service). The connected records reiterate the DoS impact but do not provide concrete exploit details, versions, or remediation steps. No explicit exploitation vectors or fix...

5CVSS6.7AI score0.03983EPSS
CVE
CVE
added 2007/06/07 9:0 p.m.58 views

CVE-2007-3109

The CVE-2007-3109 description in the connected documents identifies the CERN Image Map Dispatcher (htimage.exe) used by Microsoft FrontPage as the affected component. The vulnerability allows remote attackers to determine the existence and potentially partial contents of arbitrary files under the...

6.4CVSS6.7AI score0.10857EPSS
CVE
CVE
added 2001/09/12 4:0 a.m.52 views

CVE-1999-1052

Microsoft FrontPage stores form results in a default location under /_private/form_results.txt, which is world-readable and accessible from the document root. This allows remote attackers to read possibly sensitive information submitted by other users. The available connected records confirm the ...

5CVSS6.6AI score0.14337EPSS