Microsoft Commercial Internet System — known CVE vulnerabilities
Every CVE whose affected-product data names Microsoft Commercial Internet System, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (6)
CVE-1999-0777 — CVSS 7.5 (high): IIS FTP servers may allow a remote attacker to read or delete files on the server, even if they have "No Access" permissions.
CVE-2000-0053 — CVSS 7.5 (high): Microsoft Commercial Internet System (MCIS) IMAP server allows remote attackers to cause a denial of service via a malformed IMAP request.
CVE-1999-0910 — CVSS 5.0 (medium): Microsoft Site Server and Commercial Internet System (MCIS) do not set an expiration for a cookie, which could then be cached by a proxy…
CVE-2000-0246 — CVSS 5.0 (medium): IIS 4.0 and 5.0 does not properly perform ISAPI extension processing if a virtual directory is mapped to a UNC share, which allows remote…
CVE-1999-0861 — CVSS 2.6 (low): Race condition in the SSL ISAPI filter in IIS and other servers may leak information in plaintext.