Vulnerabilities > Microsoft
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 1999-02-11 | CVE-1999-1375 | Unspecified vulnerability in Microsoft Internet Information Server 3.0/4.0 FileSystemObject (FSO) in the showfile.asp Active Server Page (ASP) allows remote attackers to read arbitrary files by specifying the name in the file parameter. | 5.0 |
| 1999-02-09 | CVE-1999-0407 | Unspecified vulnerability in Microsoft Internet Information Server 4.0 By default, IIS 4.0 has a virtual directory /IISADMPWD which contains files that can be used as proxies for brute force password attacks, or to identify valid users on the system. | 10.0 |
| 1999-02-08 | CVE-1999-0366 | Improper Authentication vulnerability in Microsoft Windows NT 4.0 In some cases, Service Pack 4 for Windows NT 4.0 can allow access to network shares using a blank password, through a problem with a null NT hash value. | 7.5 |
| 1999-02-06 | CVE-1999-1201 | Unspecified vulnerability in Microsoft Windows 95 and Windows 98 Windows 95 and Windows 98 systems, when configured with multiple TCP/IP stacks bound to the same MAC address, allow remote attackers to cause a denial of service (traffic amplification) via a certain ICMP echo (ping) packet, which causes all stacks to send a ping response, aka TCP Chorusing. | 5.0 |
| 1999-02-02 | CVE-1999-1453 | Unspecified vulnerability in Microsoft Internet Explorer 4.0 Internet Explorer 4 allows remote attackers (malicious web site operators) to read the contents of the clipboard via the Internet WebBrowser ActiveX object. | 2.6 |
| 1999-01-30 | CVE-1999-0360 | Unspecified vulnerability in Microsoft Site Server 2.0 MS Site Server 2.0 with IIS 4 can allow users to upload content, including ASP, to the target web site, thus allowing them to execute commands remotely. | 7.2 |
| 1999-01-27 | CVE-1999-0349 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Microsoft Internet Information Server 3.0/4.0 A buffer overflow in the FTP list (ls) command in IIS allows remote attackers to conduct a denial of service and, in some cases, execute arbitrary commands. | 7.5 |
| 1999-01-27 | CVE-1999-0348 | Information Exposure vulnerability in Microsoft Internet Information Server 4.0 IIS ASP caching problem releases sensitive information when two virtual servers share the same physical directory. | 5.0 |
| 1999-01-26 | CVE-1999-0450 | Unspecified vulnerability in Microsoft products In IIS, an attacker could determine a real path using a request for a non-existent URL that would be interpreted by Perl (perl.exe). | 7.5 |
| 1999-01-26 | CVE-1999-0449 | Unspecified vulnerability in Microsoft Internet Information Server 4.0 The ExAir sample site in IIS 4 allows remote attackers to cause a denial of service (CPU consumption) via a direct request to the (1) advsearch.asp, (2) query.asp, or (3) search.asp scripts. | 7.8 |