Vulnerabilities > Microsoft > Internet Information Services > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2009-06-10 | CVE-2009-1122 | Improper Authentication vulnerability in Microsoft Internet Information Services 5.0 The WebDAV extension in Microsoft Internet Information Services (IIS) 5.0 on Windows 2000 SP4 does not properly decode URLs, which allows remote attackers to bypass authentication, and possibly read or create files, via a crafted HTTP request, aka "IIS 5.0 WebDAV Authentication Bypass Vulnerability," a different vulnerability than CVE-2009-1535. | 7.5 |
2009-06-10 | CVE-2009-1535 | Improper Authentication vulnerability in Microsoft Internet Information Services 5.1/6.0 The WebDAV extension in Microsoft Internet Information Services (IIS) 5.1 and 6.0 allows remote attackers to bypass URI-based protection mechanisms, and list folders or read, create, or modify files, via a %c0%af (Unicode / character) at an arbitrary position in the URI, as demonstrated by inserting %c0%af into a "/protected/" initial pathname component to bypass the password protection on the protected\ folder, aka "IIS 5.1 and 6.0 WebDAV Authentication Bypass Vulnerability," a different vulnerability than CVE-2009-1122. | 7.5 |
2008-02-12 | CVE-2008-0074 | Permissions, Privileges, and Access Controls vulnerability in Microsoft products Unspecified vulnerability in Microsoft Internet Information Services (IIS) 5.0 through 7.0 allows local users to gain privileges via unknown vectors related to file change notifications in the TPRoot, NNTPFile\Root, or WWWRoot folders. | 7.2 |
2006-12-15 | CVE-2006-6578 | Unspecified vulnerability in Microsoft Internet Information Services 5.1 Microsoft Internet Information Services (IIS) 5.1 permits the IUSR_Machine account to execute non-EXE files such as .COM files, which allows attackers to execute arbitrary commands via arguments to any .COM file that executes those arguments, as demonstrated using win.com when it is in a web directory with certain permissions. | 7.5 |
2005-12-20 | CVE-2005-4360 | Unchecked Return Value vulnerability in Microsoft Internet Information Services 5.1 The URL parser in Microsoft Internet Information Services (IIS) 5.1 on Windows XP Professional SP2 allows remote attackers to execute arbitrary code via multiple requests to ".dll" followed by arguments such as "~0" through "~9", which causes ntdll.dll to produce a return value that is not correctly handled by IIS, as demonstrated using "/_vti_bin/.dll/*/~0". | 7.8 |
2002-12-31 | CVE-2002-1745 | Off-by-one Error vulnerability in Microsoft Internet Information Services 5.0 Off-by-one error in the CodeBrws.asp sample script in Microsoft IIS 5.0 allows remote attackers to view the source code for files with extensions containing with one additional character after .html, .htm, .asp, or .inc, such as .aspx files. | 7.5 |
2002-11-12 | CVE-2002-1180 | Unspecified vulnerability in Microsoft Internet Information Services 5.0 A typographical error in the script source access permissions for Internet Information Server (IIS) 5.0 does not properly exclude .COM files, which allows attackers with only write permissions to upload malicious .COM files, aka "Script Source Access Vulnerability." | 7.5 |
2002-11-12 | CVE-2002-0869 | Unspecified vulnerability in Microsoft products Unknown vulnerability in the hosting process (dllhost.exe) for Microsoft Internet Information Server (IIS) 4.0 through 5.1 allows remote attackers to gain privileges by executing an out of process application that acquires LocalSystem privileges, aka "Out of Process Privilege Elevation." | 7.5 |
2002-07-03 | CVE-2002-0364 | Heap Overflow vulnerability in Microsoft products Buffer overflow in the chunked encoding transfer mechanism in IIS 4.0 and 5.0 allows attackers to execute arbitrary code via the processing of HTR request sessions, aka "Heap Overrun in HTR Chunked Encoding Could Enable Web Server Compromise." | 7.5 |
2002-04-22 | CVE-2002-0150 | Unspecified vulnerability in Microsoft products Buffer overflow in Internet Information Server (IIS) 4.0, 5.0, and 5.1 allows remote attackers to spoof the safety check for HTTP headers and cause a denial of service or execute arbitrary code via HTTP header field values. | 7.5 |