Vulnerabilities > Microsoft > Internet Information Services

DATE CVE VULNERABILITY TITLE RISK
2002-12-31 CVE-2002-1745 Off-by-one Error vulnerability in Microsoft Internet Information Services 5.0
Off-by-one error in the CodeBrws.asp sample script in Microsoft IIS 5.0 allows remote attackers to view the source code for files with extensions containing with one additional character after .html, .htm, .asp, or .inc, such as .aspx files.
network
low complexity
microsoft CWE-193
7.5
7.5
2000-04-12 CVE-2000-0258 Improper Input Validation vulnerability in Microsoft products
IIS 4.0 and 5.0 allows remote attackers to cause a denial of service by sending many URLs with a large number of escaped characters, aka the "Myriad Escaped Characters" Vulnerability.
network
low complexity
microsoft CWE-20
7.5
7.5