Vulnerabilities > Microsoft > Frontpage > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2013-09-11 | CVE-2013-3137 | Information Exposure vulnerability in Microsoft Frontpage 2003 Microsoft FrontPage 2003 SP3 does not properly parse DTDs, which allows remote attackers to obtain sensitive information via crafted XML data in a FrontPage document, aka "XML Disclosure Vulnerability." | 4.3 |
| 2007-06-07 | CVE-2007-3109 | Remote Security vulnerability in Microsoft Frontpage and Office The CERN Image Map Dispatcher (htimage.exe) in Microsoft FrontPage allows remote attackers to determine the existence, and possibly partial contents, of arbitrary files under the web root via a relative pathname in the PATH_INFO. | 6.4 |
| 2005-07-05 | CVE-2005-2143 | Unspecified vulnerability in Microsoft Frontpage Microsoft Front Page allows attackers to cause a denial of service (crash) via a crafted style tag in a web page. | 5.0 |
| 2004-12-31 | CVE-2004-2179 | Remote Denial of Service vulnerability in Microsoft Frontpage and IE asycpict.dll, as used in Microsoft products such as Front Page 97 and 98, allows remote attackers to cause a denial of service (hang) via a JPEG image with maximum height and width values. | 5.0 |
| 2001-03-12 | CVE-1999-0681 | Unspecified vulnerability in Microsoft Frontpage and Personal web Server Buffer overflow in Microsoft FrontPage Server Extensions (PWS) 3.0.2.926 on Windows 95, and possibly other versions, allows remote attackers to cause a denial of service via a long URL. | 5.0 |
| 2000-10-20 | CVE-2000-0710 | Denial Of Service vulnerability in Microsoft FrontPage Server Extensions MS-DOS Device Name The shtml.exe component of Microsoft FrontPage 2000 Server Extensions 1.1 allows remote attackers to determine the physical path of the server components by requesting an invalid URL whose name includes a standard DOS device name. | 5.0 |
| 2000-10-20 | CVE-2000-0709 | Denial Of Service vulnerability in Microsoft FrontPage Server Extensions MS-DOS Device Name The shtml.exe component of Microsoft FrontPage 2000 Server Extensions 1.1 allows remote attackers to cause a denial of service in some components by requesting a URL whose name includes a standard DOS device name. | 5.0 |
| 2000-05-06 | CVE-2000-0413 | Path Disclosure vulnerability in Microsoft products The shtml.exe program in the FrontPage extensions package of IIS 4.0 and 5.0 allows remote attackers to determine the physical path of HTML, HTM, ASP, and SHTML files by requesting a file that does not exist, which generates an error message that reveals the path. | 5.0 |
| 2000-02-03 | CVE-2000-0122 | Unspecified vulnerability in Microsoft Frontpage 2000/98 Frontpage Server Extensions allows remote attackers to determine the physical path of a virtual directory via a GET request to the htimage.exe CGI program. | 5.0 |
| 1999-08-27 | CVE-1999-1016 | Microsoft HTML control as used in (1) Internet Explorer 5.0, (2) FrontPage Express, (3) Outlook Express 5, and (4) Eudora, and possibly others, allows remote malicious web site or HTML emails to cause a denial of service (100% CPU consumption) via large HTML form fields such as text inputs in a table cell. | 5.0 |