Vulnerabilities > Microsoft
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
1999-02-19 | CVE-1999-0412 | Unspecified vulnerability in Microsoft products In IIS and other web servers, an attacker can attack commands as SYSTEM if the server is running as SYSTEM and loading an ISAPI extension. | 7.5 |
1999-02-11 | CVE-1999-1375 | Unspecified vulnerability in Microsoft Internet Information Server 3.0/4.0 FileSystemObject (FSO) in the showfile.asp Active Server Page (ASP) allows remote attackers to read arbitrary files by specifying the name in the file parameter. | 5.0 |
1999-02-09 | CVE-1999-0407 | Unspecified vulnerability in Microsoft Internet Information Server 4.0 By default, IIS 4.0 has a virtual directory /IISADMPWD which contains files that can be used as proxies for brute force password attacks, or to identify valid users on the system. | 10.0 |
1999-02-06 | CVE-1999-1201 | Unspecified vulnerability in Microsoft Windows 95 and Windows 98 Windows 95 and Windows 98 systems, when configured with multiple TCP/IP stacks bound to the same MAC address, allow remote attackers to cause a denial of service (traffic amplification) via a certain ICMP echo (ping) packet, which causes all stacks to send a ping response, aka TCP Chorusing. | 5.0 |
1999-02-02 | CVE-1999-1453 | Unspecified vulnerability in Microsoft Internet Explorer 4.0 Internet Explorer 4 allows remote attackers (malicious web site operators) to read the contents of the clipboard via the Internet WebBrowser ActiveX object. | 2.6 |
1999-01-30 | CVE-1999-0360 | Unspecified vulnerability in Microsoft Site Server 2.0 MS Site Server 2.0 with IIS 4 can allow users to upload content, including ASP, to the target web site, thus allowing them to execute commands remotely. | 7.2 |
1999-01-26 | CVE-1999-0450 | Unspecified vulnerability in Microsoft products In IIS, an attacker could determine a real path using a request for a non-existent URL that would be interpreted by Perl (perl.exe). | 7.5 |
1999-01-26 | CVE-1999-0449 | Unspecified vulnerability in Microsoft Internet Information Server 4.0 The ExAir sample site in IIS 4 allows remote attackers to cause a denial of service (CPU consumption) via a direct request to the (1) advsearch.asp, (2) query.asp, or (3) search.asp scripts. | 7.8 |
1999-01-25 | CVE-1999-0357 | Unspecified vulnerability in Microsoft Windows 98 Windows 98 and other operating systems allows remote attackers to cause a denial of service via crafted "oshare" packets, possibly involving invalid fragmentation offsets. | 5.0 |
1999-01-24 | CVE-1999-1544 | Unspecified vulnerability in Microsoft Internet Information Server 3.0/4.0 Buffer overflow in FTP server in Microsoft IIS 3.0 and 4.0 allows local and sometimes remote attackers to cause a denial of service via a long NLST (ls) command. | 5.0 |