Every CVE whose affected-product data names Microsoft Frontpage, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (23)
CVE-2004-0200 — CVSS 9.3 (critical): Buffer overflow in the JPEG (JPG) parsing engine in the Microsoft Graphic Device Interface Plus (GDI+) component, GDIPlus.dll, allows…
CVE-2006-3877 — CVSS 9.3 (critical): Unspecified vulnerability in PowerPoint in Microsoft Office 2000, Office 2002, Office 2003, Office 2004 for Mac, and Office v.X for Mac…
CVE-2004-0573 — CVSS 7.5 (high): Buffer overflow in the converter for Microsoft WordPerfect 5.x on Office 2000, Office XP, Office 2003, and Works Suites 2001 through 2004…
CVE-2000-0256 — CVSS 7.5 (high): Buffer overflows in htimage.exe and Imagemap.exe in FrontPage 97 and 98 Server Extensions allow a user to conduct activities that are not…
CVE-2000-0419 — CVSS 7.5 (high): The Office 2000 UA ActiveX Control is marked as "safe for scripting," which allows remote attackers to conduct unauthorized activities via…
CVE-2008-3068 — CVSS 7.5 (high): Microsoft Crypto API 5.131.2600.2180 through 6.0, as used in Outlook, Windows Live Mail, and Office 2007, performs Certificate Revocation…
CVE-2000-0260 — CVSS 7.5 (high): Buffer overflow in the dvwssr.dll DLL in Microsoft Visual Interdev 1.0 allows users to cause a denial of service or execute commands, aka…
CVE-2000-0746 — CVSS 7.5 (high): Vulnerabilities in IIS 4.0 and 5.0 do not properly protect against cross-site scripting (CSS) attacks. They allow a malicious web site…
CVE-1999-0012 — CVSS 7.0 (high): Some web servers under Microsoft Windows allow remote attackers to bypass access restrictions for files with long file names.
CVE-2007-3109 — CVSS 6.4 (medium): The CERN Image Map Dispatcher (htimage.exe) in Microsoft FrontPage allows remote attackers to determine the existence, and possibly partial…
CVE-2000-0709 — CVSS 5.0 (medium): The shtml.exe component of Microsoft FrontPage 2000 Server Extensions 1.1 allows remote attackers to cause a denial of service in some…
CVE-1999-0386 — CVSS 5.0 (medium): Microsoft Personal Web Server and FrontPage Personal Web Server in some Windows systems allows a remote attacker to read files on the…
CVE-1999-0681 — CVSS 5.0 (medium): Buffer overflow in Microsoft FrontPage Server Extensions (PWS) 3.0.2.926 on Windows 95, and possibly other versions, allows remote…
CVE-1999-1016 — CVSS 5.0 (medium): Microsoft HTML control as used in (1) Internet Explorer 5.0, (2) FrontPage Express, (3) Outlook Express 5, and (4) Eudora, and possibly…
CVE-1999-1052 — CVSS 5.0 (medium): Microsoft FrontPage stores form results in a default location in /_private/form_results.txt, which is world-readable and accessible in the…
CVE-2000-0122 — CVSS 5.0 (medium): Frontpage Server Extensions allows remote attackers to determine the physical path of a virtual directory via a GET request to the…
CVE-2000-0153 — CVSS 5.0 (medium): FrontPage Personal Web Server (PWS) allows remote attackers to read files via a .... (dot dot) attack.
CVE-2000-0413 — CVSS 5.0 (medium): The shtml.exe program in the FrontPage extensions package of IIS 4.0 and 5.0 allows remote attackers to determine the physical path of…
CVE-2000-0710 — CVSS 5.0 (medium): The shtml.exe component of Microsoft FrontPage 2000 Server Extensions 1.1 allows remote attackers to determine the physical path of the…
CVE-2004-2179 — CVSS 5.0 (medium): asycpict.dll, as used in Microsoft products such as Front Page 97 and 98, allows remote attackers to cause a denial of service (hang) via a…
CVE-2005-2143 — CVSS 5.0 (medium): Microsoft Front Page allows attackers to cause a denial of service (crash) via a crafted style tag in a web page.
CVE-2013-3137 — CVSS 4.3 (medium): Microsoft FrontPage 2003 SP3 does not properly parse DTDs, which allows remote attackers to obtain sensitive information via crafted XML…