Microsoft Internet Information Server — known CVE vulnerabilities
Every CVE whose affected-product data names Microsoft Internet Information Server, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (107)
CVE-1999-1376 — CVSS 10.0 (critical): Buffer overflow in fpcount.exe in IIS 4.0 with FrontPage Server Extensions allows remote attackers to execute arbitrary commands.
CVE-2001-0500 — CVSS 10.0 (critical): Buffer overflow in ISAPI extension (idq.dll) in Index Server 2.0 and Indexing Service 2000 in IIS 6.0 beta and earlier allows remote…
CVE-1999-1011 — CVSS 10.0 (critical): The Remote Data Service (RDS) DataFactory component of Microsoft Data Access Components (MDAC) in IIS 3.x and 4.x exposes unsafe methods…
CVE-1999-0407 — CVSS 10.0 (critical): By default, IIS 4.0 has a virtual directory /IISADMPWD which contains files that can be used as proxies for brute force password attacks…
CVE-1999-0874 — CVSS 10.0 (critical): Buffer overflow in IIS 4.0 allows remote attackers to cause a denial of service via a malformed request for files with .HTR, .IDC, or .STM…
CVE-2008-0075 — CVSS 10.0 (critical): Unspecified vulnerability in Microsoft Internet Information Services (IIS) 5.1 through 6.0 allows remote attackers to execute arbitrary…
CVE-2009-3023 — CVSS 9.0 (critical): Buffer overflow in the FTP Service in Microsoft Internet Information Services (IIS) 5.0 through 6.0 allows remote authenticated users to…
CVE-2010-1256 — CVSS 8.5 (high): Unspecified vulnerability in Microsoft IIS 6.0, 7.0, and 7.5, when Extended Protection for Authentication is enabled, allows remote…
CVE-1999-0449 — CVSS 7.8 (high): The ExAir sample site in IIS 4 allows remote attackers to cause a denial of service (CPU consumption) via a direct request to the (1)…
CVE-2007-0087 — CVSS 7.8 (high): Microsoft Internet Information Services (IIS), when accessed through a TCP connection with a large window size, allows remote attackers to…
CVE-2001-0334 — CVSS 7.5 (high): FTP service in IIS 5.0 and earlier allows remote attackers to cause a denial of service via a wildcard sequence that generates a long…
CVE-1999-1591 — CVSS 7.5 (high): Microsoft Internet Information Services (IIS) server 4.0 SP4, without certain hotfixes released for SP4, does not require authentication…
CVE-1999-0777 — CVSS 7.5 (high): IIS FTP servers may allow a remote attacker to read or delete files on the server, even if they have "No Access" permissions.
CVE-1999-0412 — CVSS 7.5 (high): In IIS and other web servers, an attacker can attack commands as SYSTEM if the server is running as SYSTEM and loading an ISAPI extension.
CVE-2002-0071 — CVSS 7.5 (high): Buffer overflow in the ism.dll ISAPI extension that implements HTR scripting in Internet Information Server (IIS) 4.0 and 5.0 allows…
CVE-2002-0147 — CVSS 7.5 (high): Buffer overflow in the ASP data transfer mechanism in Internet Information Server (IIS) 4.0, 5.0, and 5.1 allows remote attackers to cause…
CVE-2000-0746 — CVSS 7.5 (high): Vulnerabilities in IIS 4.0 and 5.0 do not properly protect against cross-site scripting (CSS) attacks. They allow a malicious web site…
CVE-1999-0253 — CVSS 7.5 (high): IIS 3.0 with the iis-fix hotfix installed allows remote intruders to read source code for ASP programs by using a %2e instead of a . (dot)…
CVE-2000-0884 — CVSS 7.5 (high): IIS 4.0 and 5.0 allows remote attackers to read documents outside of the web root, and possibly execute arbitrary commands, via malformed…
CVE-2000-0886 — CVSS 7.5 (high): IIS 5.0 allows remote attackers to execute arbitrary commands via a malformed request for an executable file whose name is appended with…
CVE-2000-0970 — CVSS 7.5 (high): IIS 4.0 and 5.0 .ASP pages send the same Session ID cookie for secure and insecure web sessions, which could allow remote attackers to…
CVE-1999-0349 — CVSS 7.5 (high): A buffer overflow in the FTP list (ls) command in IIS allows remote attackers to conduct a denial of service and, in some cases, execute…
CVE-2000-1104 — CVSS 7.5 (high): Variant of the "IIS Cross-Site Scripting" vulnerability as originally discussed in MS:MS00-060 (CVE-2000-0746) allows a malicious web site…
CVE-2007-2897 — CVSS 7.5 (high): Microsoft Internet Information Services (IIS) 6.0 allows remote attackers to cause a denial of service (server instability or device hang)…
CVE-2001-0333 — CVSS 7.5 (high): Directory traversal vulnerability in IIS 5.0 and earlier allows remote attackers to execute arbitrary commands by encoding .. (dot dot) and…
CVE-2002-0075 — CVSS 7.5 (high): Cross-site scripting vulnerability for Internet Information Server (IIS) 4.0, 5.0 and 5.1 allows remote attackers to execute arbitrary…
CVE-2002-0079 — CVSS 7.5 (high): Buffer overflow in the chunked encoding transfer mechanism in Internet Information Server (IIS) 4.0 and 5.0 Active Server Pages allows…
CVE-2002-0148 — CVSS 7.5 (high): Cross-site scripting vulnerability in Internet Information Server (IIS) 4.0, 5.0 and 5.1 allows remote attackers to execute arbitrary…
CVE-2002-0149 — CVSS 7.5 (high): Buffer overflow in ASP Server-Side Include Function in IIS 4.0, 5.0 and 5.1 allows remote attackers to cause a denial of service and…
CVE-2002-0150 — CVSS 7.5 (high): Buffer overflow in Internet Information Server (IIS) 4.0, 5.0, and 5.1 allows remote attackers to spoof the safety check for HTTP headers…
CVE-2002-0364 — CVSS 7.5 (high): Buffer overflow in the chunked encoding transfer mechanism in IIS 4.0 and 5.0 allows attackers to execute arbitrary code via the processing…
CVE-2002-0869 — CVSS 7.5 (high): Unknown vulnerability in the hosting process (dllhost.exe) for Microsoft Internet Information Server (IIS) 4.0 through 5.1 allows remote…
CVE-2000-0258 — CVSS 7.5 (high): IIS 4.0 and 5.0 allows remote attackers to cause a denial of service by sending many URLs with a large number of escaped characters, aka…
CVE-1999-0450 — CVSS 7.5 (high): In IIS, an attacker could determine a real path using a request for a non-existent URL that would be interpreted by Perl (perl.exe).
CVE-1999-1233 — CVSS 7.5 (high): IIS 4.0 does not properly restrict access for the initial session request from a user's IP address if the address does not resolve to a DNS…
CVE-2000-0457 — CVSS 7.5 (high): ISM.DLL in IIS 4.0 and 5.0 allows remote attackers to read file contents by requesting the file and appending a large number of encoded…
CVE-2002-0074 — CVSS 7.5 (high): Cross-site scripting vulnerability in Help File search facility for Internet Information Server (IIS) 4.0, 5.0 and 5.1 allows remote…
CVE-2004-0205 — CVSS 7.2 (high): Buffer overflow in Microsoft Internet Information Server (IIS) 4.0 allows local users to execute arbitrary code via the redirect function.
CVE-2001-0506 — CVSS 7.2 (high): Buffer overflow in ssinc.dll in IIS 5.0 and 4.0 allows local users to gain system privileges via a Server-Side Includes (SSI) directive for…
CVE-2008-0074 — CVSS 7.2 (high): Unspecified vulnerability in Microsoft Internet Information Services (IIS) 5.0 through 7.0 allows local users to gain privileges via…
CVE-1999-0725 — CVSS 7.1 (high): When IIS is run with a default language of Chinese, Korean, or Japanese, it allows a remote attacker to view the source code of certain…
CVE-1999-0012 — CVSS 7.0 (high): Some web servers under Microsoft Windows allow remote attackers to bypass access restrictions for files with long file names.
CVE-2002-1181 — CVSS 6.8 (medium): Multiple cross-site scripting (XSS) vulnerabilities in the administrative web pages for Microsoft Internet Information Server (IIS) 4.0…
CVE-2003-0223 — CVSS 6.8 (medium): Cross-site scripting vulnerability (XSS) in the ASP function responsible for redirection in Microsoft Internet Information Server (IIS)…
CVE-2006-0026 — CVSS 6.5 (medium): Buffer overflow in Microsoft Internet Information Services (IIS) 5.0, 5.1, and 6.0 allows local and possibly remote attackers to execute…
CVE-2000-0024 — CVSS 6.4 (medium): IIS does not properly canonicalize URLs, potentially allowing remote attackers to bypass access restrictions in third-party software via…
CVE-2000-0770 — CVSS 6.4 (medium): IIS 4.0 and 5.0 does not properly restrict access to certain types of files when their parent folders have less restrictive permissions…
CVE-2003-0718 — CVSS 5.0 (medium): The WebDAV Message Handler for Internet Information Services (IIS) 5.0, 5.1, and 6.0 allows remote attackers to cause a denial of service…
CVE-2005-2678 — CVSS 5.0 (medium): Microsoft IIS 5.1 and 6 allows remote attackers to spoof the SERVER_NAME variable to bypass security checks and conduct various attacks via…
CVE-2003-0225 — CVSS 5.0 (medium): The ASP function Response.AddHeader in Microsoft Internet Information Server (IIS) 4.0 and 5.0 does not limit memory requests when…
CVE-1999-0154 — CVSS 5.0 (medium): IIS 2.0 and 3.0 allows remote attackers to read the source code for ASP pages by appending a . (dot) to the end of the URL.
CVE-1999-0348 — CVSS 5.0 (medium): IIS ASP caching problem releases sensitive information when two virtual servers share the same physical directory.
CVE-1999-0448 — CVSS 5.0 (medium): IIS 4.0 and Apache log HTTP request methods, regardless of how long they are, allowing a remote attacker to hide the URL they really…
CVE-1999-0736 — CVSS 5.0 (medium): The showcode.asp sample file in IIS and Site Server allows remote attackers to read arbitrary files.
CVE-1999-0737 — CVSS 5.0 (medium): The viewcode.asp sample file in IIS and Site Server allows remote attackers to read arbitrary files.
CVE-1999-1035 — CVSS 5.0 (medium): IIS 3.0 and 4.0 on x86 and Alpha allows remote attackers to cause a denial of service (hang) via a malformed GET request, aka the IIS "GET"…
CVE-1999-1148 — CVSS 5.0 (medium): FTP service in IIS 4.0 and earlier allows remote attackers to cause a denial of service (resource exhaustion) via many passive (PASV)…
CVE-1999-1223 — CVSS 5.0 (medium): IIS 3.0 allows remote attackers to cause a denial of service via a request to an ASP page in which the URL contains a large number of /…
CVE-1999-1375 — CVSS 5.0 (medium): FileSystemObject (FSO) in the showfile.asp Active Server Page (ASP) allows remote attackers to read arbitrary files by specifying the name…
CVE-1999-1451 — CVSS 5.0 (medium): The Winmsdp.exe sample file in IIS 4.0 and Site Server 3.0 allows remote attackers to read arbitrary files.
CVE-1999-1478 — CVSS 5.0 (medium): The Sun HotSpot Performance Engine VM allows a remote attacker to cause a denial of service on any server running HotSpot via a URL that…
CVE-1999-1537 — CVSS 5.0 (medium): IIS 3.x and 4.x does not distinguish between pages requiring encryption and those that do not, which allows remote attackers to cause a…
CVE-1999-1544 — CVSS 5.0 (medium): Buffer overflow in FTP server in Microsoft IIS 3.0 and 4.0 allows local and sometimes remote attackers to cause a denial of service via a…
CVE-2000-0025 — CVSS 5.0 (medium): IIS 4.0 and Site Server 3.0 allow remote attackers to read source code for ASP files if the file is in a virtual directory whose name…
CVE-2000-0071 — CVSS 5.0 (medium): IIS 4.0 allows a remote attacker to obtain the real pathname of the document root by requesting non-existent files with .ida or .idq…
CVE-2000-0114 — CVSS 5.0 (medium): Frontpage Server Extensions allows remote attackers to determine the name of the anonymous account via an RPC POST request to shtml.dll in…
CVE-2000-0115 — CVSS 5.0 (medium): IIS allows local users to cause a denial of service via invalid regular expressions in a Visual Basic script in an ASP page.
CVE-2000-0126 — CVSS 5.0 (medium): Sample Internet Data Query (IDQ) scripts in IIS 3 and 4 allow remote attackers to read files via a .. (dot dot) attack.
CVE-2000-0226 — CVSS 5.0 (medium): IIS 4.0 allows attackers to cause a denial of service by requesting a large buffer in a POST or PUT command which consumes memory, aka the…
CVE-2000-0246 — CVSS 5.0 (medium): IIS 4.0 and 5.0 does not properly perform ISAPI extension processing if a virtual directory is mapped to a UNC share, which allows remote…
CVE-2000-0304 — CVSS 5.0 (medium): Microsoft IIS 4.0 and 5.0 with the IISADMPWD virtual directory installed allows a remote attacker to cause a denial of service via a…
CVE-2000-0408 — CVSS 5.0 (medium): IIS 4.05 and 5.0 allow remote attackers to cause a denial of service via a long, complex URL that appears to contain a large number of file…
CVE-2000-0413 — CVSS 5.0 (medium): The shtml.exe program in the FrontPage extensions package of IIS 4.0 and 5.0 allows remote attackers to determine the physical path of…
CVE-2000-0630 — CVSS 5.0 (medium): IIS 4.0 and 5.0 allows remote attackers to obtain fragments of source code by appending a +.htr to the URL, a variant of the "File Fragment…
CVE-2000-0631 — CVSS 5.0 (medium): An administrative script from IIS 3.0, later included in IIS 4.0 and 5.0, allows remote attackers to cause a denial of service by accessing…
CVE-2000-0858 — CVSS 5.0 (medium): Vulnerability in Microsoft Windows NT 4.0 allows remote attackers to cause a denial of service in IIS by sending it a series of malformed…
CVE-2000-1090 — CVSS 5.0 (medium): Microsoft IIS for Far East editions 4.0 and 5.0 allows remote attackers to read source code for parsed pages via a malformed URL that uses…
CVE-2001-0004 — CVSS 5.0 (medium): IIS 5.0 and 4.0 allows remote attackers to read the source code for executable web server programs by appending "%3F+.htr" to the requested…
CVE-2001-0096 — CVSS 5.0 (medium): FrontPage Server Extensions (FPSE) in IIS 4.0 and 5.0 allows remote attackers to cause a denial of service via a malformed form, aka the…
CVE-2001-0335 — CVSS 5.0 (medium): FTP service in IIS 5.0 and earlier allows remote attackers to enumerate Guest accounts in trusted domains by preceding the username with a…
CVE-2001-0336 — CVSS 5.0 (medium): The Microsoft MS00-060 patch for IIS 5.0 and earlier introduces an error which allows attackers to cause a denial of service via a…
CVE-2001-0337 — CVSS 5.0 (medium): The Microsoft MS01-014 and MS01-016 patches for IIS 5.0 and earlier introduce a memory leak which allows attackers to cause a denial of…
CVE-2001-0545 — CVSS 5.0 (medium): IIS 4.0 with URL redirection enabled allows remote attackers to cause a denial of service (crash) via a malformed request that specifies a…
CVE-2001-0709 — CVSS 5.0 (medium): Microsoft IIS 4.0 and before, when installed on a FAT partition, allows a remote attacker to obtain source code of ASP files via a URL…
CVE-2001-1243 — CVSS 5.0 (medium): Scripting.FileSystemObject in asp.dll for Microsoft IIS 4.0 and 5.0 allows local or remote attackers to cause a denial of service (crash)…
CVE-2002-0072 — CVSS 5.0 (medium): The w3svc.dll ISAPI filter in Front Page Server Extensions and ASP.NET for Internet Information Server (IIS) 4.0, 5.0, and 5.1 does not…
CVE-2002-0073 — CVSS 5.0 (medium): The FTP service in Internet Information Server (IIS) 4.0, 5.0 and 5.1 allows attackers who have established an FTP session to cause a…
CVE-2002-0419 — CVSS 5.0 (medium): Information leaks in IIS 4 through 5.1 allow remote attackers to obtain potentially sensitive information or more easily conduct brute…
CVE-2002-1694 — CVSS 5.0 (medium): Microsoft Internet Information Server (IIS) 4.0 opens log files with FILE_SHARE_READ and FILE_SHARE_WRITE permissions, which could allow…
CVE-2002-1695 — CVSS 5.0 (medium): Norton Internet Security 2001 opens log files with FILE_SHARE_READ and FILE_SHARE_WRITE permissions, which could allow remote attackers to…
CVE-2002-1790 — CVSS 5.0 (medium): The SMTP service in Microsoft Internet Information Services (IIS) 4.0 and 5.0 allows remote attackers to bypass anti-relaying rules and…
CVE-2000-1147 — CVSS 4.6 (medium): Buffer overflow in IIS ISAPI .ASP parsing mechanism allows attackers to execute arbitrary commands via a long string to the "LANGUAGE"…
CVE-2006-6579 — CVSS 4.4 (medium): Microsoft Windows XP has weak permissions (FILE_WRITE_DATA and FILE_READ_DATA for Everyone) for %WINDIR%\pchealth\ERRORREP\QHEADLES, which…
CVE-2010-1899 — CVSS 4.3 (medium): Stack consumption vulnerability in the ASP implementation in Microsoft Internet Information Services (IIS) 5.1, 6.0, 7.0, and 7.5 allows…
CVE-2000-0649 — CVSS 2.6 (low): IIS 4.0 allows remote attackers to obtain the internal IP address of the server via an HTTP 1.0 request for a web page which is protected…
CVE-1999-0861 — CVSS 2.6 (low): Race condition in the SSL ISAPI filter in IIS and other servers may leak information in plaintext.
CVE-2003-1582 — CVSS 2.6 (low): Microsoft Internet Information Services (IIS) 6.0, when DNS resolution is enabled for client IP addresses, allows remote attackers to…
CVE-2000-0167 — CVSS 2.1 (low): IIS Inetinfo.exe allows local users to cause a denial of service by creating a mail file with a long name and a .txt.eml extension in the…
CVE-1999-1538 — CVSS 2.1 (low): When IIS 2 or 3 is upgraded to IIS 4, ism.dll is inadvertently left in /scripts/iisadmin, which does not restrict access to the local…