Vulnerabilities > Microsoft > Indexing Service
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2001-07-21 | CVE-2001-0500 | Buffer Overflow vulnerability in Microsoft products Buffer overflow in ISAPI extension (idq.dll) in Index Server 2.0 and Indexing Service 2000 in IIS 6.0 beta and earlier allows remote attackers to execute arbitrary commands via a long argument to Internet Data Administration (.ida) and Internet Data Query (.idq) files such as default.ida, as commonly exploited by Code Red. | 10.0 |
| 2001-06-27 | CVE-2001-0245 | Remote Security vulnerability in Microsoft Index Server and Indexing Service Microsoft Index Server 2.0 in Windows NT 4.0, and Indexing Service in Windows 2000, allows remote attackers to read server-side include files via a malformed search request, aka a new variant of the "Malformed Hit-Highlighting" vulnerability. | 5.0 |
| 2001-01-09 | CVE-2000-1105 | Unspecified vulnerability in Microsoft Indexing Service The ixsso.query ActiveX Object is marked as safe for scripting, which allows malicious web site operators to embed a script that remotely determines the existence of files on visiting Windows 2000 systems that have Indexing Services enabled. network microsoft | 4.3 |
| 2000-12-19 | CVE-2000-0942 | Unspecified vulnerability in Microsoft Indexing Service The CiWebHitsFile component in Microsoft Indexing Services for Windows 2000 allows remote attackers to conduct a cross site scripting (CSS) attack via a CiRestriction parameter in a .htw request, aka the "Indexing Services Cross Site Scripting" vulnerability. | 5.1 |