Vulnerabilities > Microsoft > Internet Information Services > Low

DATE	CVE	VULNERABILITY TITLE	RISK
2002-08-12	CVE-2002-0422	Information Exposure vulnerability in Microsoft Internet Information Services 5.0 IIS 5 and 5.1 supporting WebDAV methods allows remote attackers to determine the internal IP address of the system (which may be obscured by NAT) via (1) a PROPFIND HTTP request with a blank Host header, which leaks the address in an HREF property in a 207 Multi-Status response, or (2) via the WRITE or MKCOL method, which leaks the IP in the Location server header. network high complexity microsoft CWE-200	2.6
2001-10-30	CVE-2001-0544	Denial of Service vulnerability in Microsoft Internet Information Services 5.0 IIS 5.0 allows local users to cause a denial of service (hang) via by installing content that produces a certain invalid MIME Content-Type header, which corrupts the File Type table. local low complexity microsoft	2.1
2000-07-13	CVE-2000-0649	Information Exposure vulnerability in Microsoft products IIS 4.0 allows remote attackers to obtain the internal IP address of the server via an HTTP 1.0 request for a web page which is protected by basic authentication and has no realm defined. network high complexity microsoft CWE-200	2.6

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.