Internet Information Server CVEs and Security Vulnerabilities

Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (111 CVEs found)

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-1999-0348	1 Microsoft	1 Internet Information Server	2025-04-03	N/A
IIS ASP caching problem releases sensitive information when two virtual servers share the same physical directory.
CVE-1999-0349	1 Microsoft	1 Internet Information Server	2025-04-03	N/A
A buffer overflow in the FTP list (ls) command in IIS allows remote attackers to conduct a denial of service and, in some cases, execute arbitrary commands.
CVE-1999-0448	1 Microsoft	1 Internet Information Server	2025-04-03	N/A
IIS 4.0 and Apache log HTTP request methods, regardless of how long they are, allowing a remote attacker to hide the URL they really request.
CVE-1999-0736	1 Microsoft	1 Internet Information Server	2025-04-03	N/A
The showcode.asp sample file in IIS and Site Server allows remote attackers to read arbitrary files.
CVE-1999-0737	1 Microsoft	1 Internet Information Server	2025-04-03	N/A
The viewcode.asp sample file in IIS and Site Server allows remote attackers to read arbitrary files.
CVE-1999-0738	1 Microsoft	1 Internet Information Server	2025-04-03	N/A
The code.asp sample file in IIS and Site Server allows remote attackers to read arbitrary files.
CVE-1999-0739	1 Microsoft	1 Internet Information Server	2025-04-03	N/A
The codebrws.asp sample file in IIS and Site Server allows remote attackers to read arbitrary files.
CVE-1999-1148	1 Microsoft	1 Internet Information Server	2025-04-03	N/A
FTP service in IIS 4.0 and earlier allows remote attackers to cause a denial of service (resource exhaustion) via many passive (PASV) connections at the same time.
CVE-1999-1223	1 Microsoft	1 Internet Information Server	2025-04-03	N/A
IIS 3.0 allows remote attackers to cause a denial of service via a request to an ASP page in which the URL contains a large number of / (forward slash) characters.
CVE-1999-1375	1 Microsoft	1 Internet Information Server	2025-04-03	N/A
FileSystemObject (FSO) in the showfile.asp Active Server Page (ASP) allows remote attackers to read arbitrary files by specifying the name in the file parameter.
CVE-1999-1451	1 Microsoft	2 Internet Information Server, Site Server	2025-04-03	N/A
The Winmsdp.exe sample file in IIS 4.0 and Site Server 3.0 allows remote attackers to read arbitrary files.

« first previous Page 6 of 6.