Vulnerabilities (CVE)

Filtered by vendor Microsoft Subscribe
Filtered by product Commercial Internet System
Total 6 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2000-0246 1 Microsoft 6 Commercial Internet System, Internet Information Server, Internet Information Services and 3 more 2024-11-20 5.0 MEDIUM N/A
IIS 4.0 and 5.0 does not properly perform ISAPI extension processing if a virtual directory is mapped to a UNC share, which allows remote attackers to read the source code of ASP and other files, aka the "Virtualized UNC Share" vulnerability.
CVE-2000-0053 1 Microsoft 1 Commercial Internet System 2024-11-20 7.5 HIGH N/A
Microsoft Commercial Internet System (MCIS) IMAP server allows remote attackers to cause a denial of service via a malformed IMAP request.
CVE-1999-0910 1 Microsoft 3 Commercial Internet System, Site Server, Site Server Commerce 2024-11-20 5.0 MEDIUM N/A
Microsoft Site Server and Commercial Internet System (MCIS) do not set an expiration for a cookie, which could then be cached by a proxy and inadvertently used by a different user.
CVE-1999-0867 1 Microsoft 3 Commercial Internet System, Internet Information Server, Site Server 2024-11-20 5.0 MEDIUM N/A
Denial of service in IIS 4.0 via a flood of HTTP requests with malformed headers.
CVE-1999-0861 1 Microsoft 4 Commercial Internet System, Internet Information Server, Site Server and 1 more 2024-11-20 2.6 LOW N/A
Race condition in the SSL ISAPI filter in IIS and other servers may leak information in plaintext.
CVE-1999-0777 1 Microsoft 2 Commercial Internet System, Internet Information Server 2024-11-20 7.5 HIGH N/A
IIS FTP servers may allow a remote attacker to read or delete files on the server, even if they have "No Access" permissions.