Vulnerabilities > CVE-1999-0412 - Unspecified vulnerability in Microsoft products

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

exploit available

NVD

Published: 1999-02-19

Updated: 2024-11-20

Summary

In IIS and other web servers, an attacker can attack commands as SYSTEM if the server is running as SYSTEM and loading an ISAPI extension.

Part	Description	Count
Application	Microsoft Microsoft Internet Information Server 3.0 Microsoft Internet Information Server 4.0 Microsoft Internet Information Services 2.0	3

description	Microsoft IIS 2.0/3.0/4.0 ISAPI GetExtensionVersion() Vulnerability. CVE-1999-0412. Local exploit for windows platform
id	EDB-ID:19376
last seen	2016-02-02
modified	1999-03-08
published	1999-03-08
reporter	Fabien Royer
source	https://www.exploit-db.com/download/19376/
title	Microsoft IIS 2.0/3.0/4.0 - ISAPI GetExtensionVersion Vulnerability