Lucene search
K
MicrosoftIsa Server

21 matches found

CVE
CVE
added 2009/08/12 5:0 p.m.125 views

CVE-2009-0562

CVE-2009-0562 describes a heap memory corruption in the Office Web Components ActiveX control (OWC10.DataSourceControl) used by Office XP/2003 Web Components and related components. The vulnerability could allow remote code execution when a user loads a malicious page that loads/unloads the contr...

9.3CVSS7.5AI score0.2565EPSS
CVE
CVE
added 2009/07/15 3:0 p.m.123 views

CVE-2009-1136

CVE-2009-1136 affects the Microsoft Office Web Components Spreadsheet ActiveX control (OWC10/OWC11) bundled with Office XP SP3, Office 2003 SP3, and related Web Components/ISA configurations. A crafted call to msDataSourceObject in Internet Explorer allows remote code execution; this vulnerabilit...

9.3CVSS7.2AI score0.6202EPSS
CVE
CVE
added 2009/08/12 5:0 p.m.99 views

CVE-2009-1534

CVE-2009-1534 : Buffer overflow in the Office Web Components ActiveX Control used by Microsoft Office Web Components across multiple products (Office XP/2000 Web Components SP3, BizTalk Server 2002, Visual Studio .NET 2003 SP1) enables remote code execution via crafted property values. The issue ...

9.3CVSS7.8AI score0.5161EPSS
Web
CVE
CVE
added 2002/06/15 4:0 a.m.70 views

CVE-2002-0371

CVE-2002-0371 corresponds to a buffer overflow in the gopher client handling responses in Microsoft Internet Explorer (5.1–6.0) and related components (Proxy Server 2.0, ISA Server 2000). The CERT/CC entry (VU-440275) describes an overflow when processing gopher replies, allowing arbitrary code e...

7.5CVSS7.8AI score0.54441EPSS
CVE
CVE
added 2004/11/16 5:0 a.m.62 views

CVE-2004-0892

CVE-2004-0892 describes a spoofing vulnerability in ISA Server 2000 and Proxy Server 2.0 (also in Small Business Server 2000/2003 Premium) where reverse-DNS cache results can be manipulated to spoof trusted Internet content on a crafted page. Connected data confirms the bug exists in these produc...

7.5CVSS6.5AI score0.17357EPSS
CVE
CVE
added 2005/07/14 4:0 a.m.61 views

CVE-2001-1533

CVE-2001-1533 affects Microsoft Internet Security and Acceleration (ISA) Server 2000. A denial of service can be triggered by a flood of fragmented UDP packets. Several sources note the vendor disputes the issue, claiming it requires high bandwidth and does not cause instability, suggesting it ma...

5.3CVSS6.9AI score0.18012EPSS
CVE
CVE
added 2003/07/17 4:0 a.m.60 views

CVE-2003-0526

The CVE-2003-0526 entry describes a cross-site scripting (XSS) vulnerability in Microsoft Internet Security and Acceleration (ISA) Server 2000. The flaw allows remote attackers to inject arbitrary web script via a URL whose domain name portion contains the attack payload. The vulnerability arises...

6.8CVSS6AI score0.22472EPSS
CVE
CVE
added 2005/06/08 4:0 a.m.57 views

CVE-2005-1907

CVE-2005-1907 affects the ISA Firewall service in Microsoft Internet Security and Acceleration (ISA) Server 2000. The issue allows remote attackers to cause a denial of service (Wspsrv.exe crash) by sending a large volume of SecureNAT traffic. The connected Nessus entry MS05-034 (ISA Server 2000 ...

5CVSS6.6AI score0.19314EPSS
CVE
CVE
added 2003/03/21 5:0 a.m.56 views

CVE-2003-0011

Microsoft ISA Server DNS – Denial Of Service (MS03-009): A vulnerability exists in the ISA Server 2000 DNS intrusion detection application filter that can be exploited by a specially formed DNS request to cause a denial of service in DNS services. Public references describe that the attacker can ...

5CVSS6.6AI score0.13335EPSS
CVE
CVE
added 2003/04/15 4:0 a.m.54 views

CVE-2003-0110

The CVE-2003-0110 issue affects Microsoft Proxy Server 2.0 and ISA Server 2000, specifically the Winsock Proxy/WinSock Proxy service (wspsrv.exe) that binds UDP port 1745. A spoofed, malformed UDP packet can trigger a denial-of-service, causing CPU exhaustion or a packet storm on the remote host....

5CVSS6.6AI score0.17966EPSS
CVE
CVE
added 2009/07/15 3:0 p.m.53 views

CVE-2009-1135

CVE-2009-1135 affects Microsoft ISA Server 2006 (Gold/SP1) when Radius OTP is enabled. The vulnerability stems from ISA Server using HTTP-Basic authentication for Radius OTP-enabled requests, which can let a remote attacker impersonate a valid user and access published web resources behind the IS...

9CVSS7.1AI score0.26454EPSS
CVE
CVE
added 2002/03/09 5:0 a.m.52 views

CVE-2001-0546

The CVE-2001-0546 issue affects Microsoft Internet Security and Acceleration (ISA) Server 2000, specifically the H.323 Gatekeeper Service. A memory leak is triggered by large amounts of malformed H.323 data, allowing remote attackers to exhaust memory and cause a denial of service (resource exhau...

5CVSS6.5AI score0.17341EPSS
CVE
CVE
added 2002/03/09 5:0 a.m.50 views

CVE-2001-0547

CVE-2001-0547 describes a memory leak in the proxy service of Microsoft Internet Security and Acceleration (ISA) Server 2000 that allows local attackers to cause a denial of service through resource exhaustion. The affected product is ISA Server 2000 (proxy service component); the underlying caus...

2.1CVSS6.6AI score0.01702EPSS
CVE
CVE
added 2006/07/17 7:0 p.m.50 views

CVE-2006-3652

Microsoft Internet Security and Acceleration (ISA) Server 2004 is affected by CVE-2006-3652, where remote attackers can bypass file extension filters by issuing a request with a trailing character '#'. The provided sources describe the vulnerability as a filter bypass but do not specify affected ...

7.5CVSS7AI score0.18914EPSS
CVE
CVE
added 2002/03/09 5:0 a.m.49 views

CVE-2001-0658

CVE-2001-0658 affects Microsoft Internet Security and Acceleration (ISA) Server 2000. The issue is a cross-site scripting (CSS) vulnerability where malicious script delivered in an invalid URL, not properly quoted in an error message, can cause other clients to execute scripts or read cookies. Th...

7.5CVSS6.8AI score0.1134EPSS
CVE
CVE
added 2007/09/21 6:0 p.m.49 views

CVE-2007-4991

The CVE-2007-4991 issue affects Microsoft ISA Server 2004 SP1 and SP2, where the SOCKS4 Proxy can leak the destination IP address of another user’s session. The root cause is that an empty packet to the SOCKS4 proxy elicits a response containing the last IP address proxied through the server. Imp...

5CVSS6.1AI score0.16148EPSS
CVE
CVE
added 2005/06/14 4:0 a.m.47 views

CVE-2005-1216

CVE-2005-1216 describes an elevation-of-privilege vulnerability in Microsoft ISA Server 2000 involving the NetBIOS (all) predefined packet filter. An attacker could connect to NetBIOS services on a server that has the filter enabled, potentially bypassing content restrictions or accessing restric...

7.5CVSS6.5AI score0.25806EPSS
CVE
CVE
added 2007/02/23 1:0 a.m.47 views

CVE-2006-7027

CVE-2006-7027 concerns Microsoft Internet Security and Acceleration (ISA) Server 2004. The vulnerability arises when the Host header contains unusual ASCII characters (including a tab), enabling remote attackers to manipulate portions of the log file and potentially leverage it for further attack...

10CVSS7AI score0.14571EPSS
CVE
CVE
added 2005/06/14 4:0 a.m.45 views

CVE-2005-1215

CVE-2005-1215 relates to ISA Server 2000's handling of HTTP requests with multiple Content-Length headers, enabling remote attackers to poison the cache or bypass content restrictions. The vulnerability arises from malformed HTTP content-length processing, potentially causing cached or redirected...

7.5CVSS6.6AI score0.19035EPSS
CVE
CVE
added 2006/04/06 10:0 a.m.44 views

CVE-2006-1651

Microsoft ISA Server 2004 is affected by CVE-2006-1651, which reportedly allows remote attackers to bypass filtering rules (including ICMP and TCP) via IPv6 packets. The issue is controversial: an established researcher disputes IPv6 filtering support in ISA Server 2004 and Windows 2003 Basic Fir...

7.5CVSS6.8AI score0.15185EPSS
CVE
CVE
added 2001/09/18 4:0 a.m.43 views

CVE-2001-0239

CVE-2001-0239 affects Microsoft Internet Security and Acceleration (ISA) Server 2000 Web Proxy. The vulnerability allows remote attackers to cause a denial of service by sending a long web request with a specific type. The provided documents do not specify the exact vulnerable component version, ...

7.5CVSS7AI score0.27962EPSS