Vulnerabilities > Microsoft

DATE CVE VULNERABILITY TITLE RISK
2001-07-02 CVE-2001-0239 Unspecified vulnerability in Microsoft ISA Server 2000
Microsoft Internet Security and Acceleration (ISA) Server 2000 Web Proxy allows remote attackers to cause a denial of service via a long web request with a specific type.
network
low complexity
microsoft
7.5
2001-07-02 CVE-2001-0238 Unspecified vulnerability in Microsoft products
Microsoft Data Access Component Internet Publishing Provider 8.103.2519.0 and earlier allows remote attackers to bypass Security Zone restrictions via WebDAV requests.
network
low complexity
microsoft
7.5
2001-06-27 CVE-2001-0339 Unspecified vulnerability in Microsoft Internet Explorer
Internet Explorer 5.5 and earlier allows remote attackers to display a URL in the address bar that is different than the URL that is actually being displayed, which could be used in web site spoofing attacks, aka the "Web page spoofing vulnerability."
network
low complexity
microsoft
7.5
2001-06-27 CVE-2001-0338 Unspecified vulnerability in Microsoft Internet Explorer
Internet Explorer 5.5 and earlier does not properly validate digital certificates when Certificate Revocation List (CRL) checking is enabled, which could allow remote attackers to spoof trusted web sites, aka the "Server certificate validation vulnerability."
network
high complexity
microsoft
5.1
2001-06-27 CVE-2001-0337 Denial-Of-Service vulnerability in IIS Far East Edition
The Microsoft MS01-014 and MS01-016 patches for IIS 5.0 and earlier introduce a memory leak which allows attackers to cause a denial of service via a series of requests.
network
low complexity
microsoft
5.0
2001-06-27 CVE-2001-0336 Denial-Of-Service vulnerability in IIS Far East Edition
The Microsoft MS00-060 patch for IIS 5.0 and earlier introduces an error which allows attackers to cause a denial of service via a malformed request.
network
low complexity
microsoft
5.0
2001-06-27 CVE-2001-0335 Unspecified vulnerability in Microsoft Internet Information Server
FTP service in IIS 5.0 and earlier allows remote attackers to enumerate Guest accounts in trusted domains by preceding the username with a special sequence of characters.
network
low complexity
microsoft
5.0
2001-06-27 CVE-2001-0334 Incorrect Calculation of Buffer Size vulnerability in Microsoft Internet Information Server
FTP service in IIS 5.0 and earlier allows remote attackers to cause a denial of service via a wildcard sequence that generates a long string when it is expanded.
network
low complexity
microsoft CWE-131
7.5
2001-06-27 CVE-2001-0333 Unspecified vulnerability in Microsoft Internet Information Server
Directory traversal vulnerability in IIS 5.0 and earlier allows remote attackers to execute arbitrary commands by encoding ..
network
low complexity
microsoft
7.5
2001-06-27 CVE-2001-0332 Unspecified vulnerability in Microsoft Internet Explorer 5.01/5.5
Internet Explorer 5.5 and earlier does not properly verify the domain of a frame within a browser window, which allows remote web site operators to read certain files on the client by sending information from a local frame to a frame in a different domain using MSScriptControl.ScriptControl and GetObject, aka a variant of the "Frame Domain Verification" vulnerability.
network
low complexity
microsoft
5.0