Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
MicrosoftInternet Information Server6.0

9 matches found

CVE
CVEadded 2010/09/15 7:0 p.m.1019 views

CVE-2010-1899

Stack consumption vulnerability in the ASP implementation in Microsoft Internet Information Services (IIS) 5.1, 6.0, 7.0, and 7.5 allows remote attackers to cause a denial of service (daemon outage) via a crafted request, related to asp.dll, aka "IIS Repeated Parameter Request Denial of Service Vul...

4.3CVSS6.4AI score0.87011EPSS
CVE
CVEadded 2010/06/08 8:30 p.m.609 views

CVE-2010-1256

Unspecified vulnerability in Microsoft IIS 6.0, 7.0, and 7.5, when Extended Protection for Authentication is enabled, allows remote authenticated users to execute arbitrary code via unknown vectors related to "token checking" that trigger memory corruption, aka "IIS Authentication Memory Corruption...

8.5CVSS7.3AI score0.33545EPSS
CVE
CVEadded 2008/02/12 9:0 p.m.504 views

CVE-2008-0075

Unspecified vulnerability in Microsoft Internet Information Services (IIS) 5.1 through 6.0 allows remote attackers to execute arbitrary code via crafted inputs to ASP pages.

10CVSS7.3AI score0.725EPSS
CVE
CVEadded 2007/05/30 10:30 a.m.277 views

CVE-2007-2897

Microsoft Internet Information Services (IIS) 6.0 allows remote attackers to cause a denial of service (server instability or device hang), and possibly obtain sensitive information (device communication traffic); and might allow attackers with physical access to execute arbitrary code after connec...

7.5CVSS7.7AI score0.5348EPSS
CVE
CVEadded 2008/02/12 9:0 p.m.196 views

CVE-2008-0074

Unspecified vulnerability in Microsoft Internet Information Services (IIS) 5.0 through 7.0 allows local users to gain privileges via unknown vectors related to file change notifications in the TPRoot, NNTPFile\Root, or WWWRoot folders.

7.2CVSS6.2AI score0.02029EPSS
CVE
CVEadded 2005/08/23 4:0 a.m.129 views

CVE-2005-2678

Microsoft IIS 5.1 and 6 allows remote attackers to spoof the SERVER_NAME variable to bypass security checks and conduct various attacks via a GET request with an http://localhost URI, which makes it appear as if the request is coming from localhost.

5CVSS6.6AI score0.55449EPSS
CVE
CVEadded 2010/02/05 10:30 p.m.118 views

CVE-2003-1582

Microsoft Internet Information Services (IIS) 6.0, when DNS resolution is enabled for client IP addresses, allows remote attackers to inject arbitrary text into log files via an HTTP request in conjunction with a crafted DNS response, as demonstrated by injecting XSS sequences, related to an "Inver...

2.6CVSS6.1AI score0.04959EPSS
CVE
CVEadded 2006/07/11 10:5 p.m.103 views

CVE-2006-0026

Buffer overflow in Microsoft Internet Information Services (IIS) 5.0, 5.1, and 6.0 allows local and possibly remote attackers to execute arbitrary code via crafted Active Server Pages (ASP).

6.5CVSS7.6AI score0.90121EPSS
CVE
CVEadded 2004/11/03 5:0 a.m.88 views

CVE-2003-0718

The WebDAV Message Handler for Internet Information Services (IIS) 5.0, 5.1, and 6.0 allows remote attackers to cause a denial of service (memory and CPU exhaustion, application crash) via a PROPFIND request with an XML message containing XML elements with a large number of attributes.

5CVSS6.7AI score0.81995EPSS