CVEs (6)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
1Microsoft 6Commercial Internet System Internet Information ServerInternet Information Services+3 moreApr 16, 2026 Mar 30, 2000 N/A· v4 N/A· v3 5.0 MEDIUM· v2 IIS 4.0 and 5.0 does not properly perform ISAPI extension processing if a virtual directory is mapped to a UNC share, which allows remote attackers to read the source code of ASP and other files, aka the "Virtualized UNC...Show more |
Microsoft Commercial Internet System (MCIS) IMAP server allows remote attackers to cause a denial of service via a malformed IMAP request. |
1Microsoft 2Commercial Internet System Internet Information ServerApr 16, 2026 Sep 23, 1999 N/A· v4 N/A· v3 7.5 HIGH· v2 IIS FTP servers may allow a remote attacker to read or delete files on the server, even if they have "No Access" permissions. |
1Microsoft 3Commercial Internet System Site ServerSite Server CommerceApr 16, 2026 Sep 10, 1999 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Microsoft Site Server and Commercial Internet System (MCIS) do not set an expiration for a cookie, which could then be cached by a proxy and inadvertently used by a different user. |
1Microsoft 3Commercial Internet System Internet Information ServerSite ServerApr 16, 2026 Aug 11, 1999 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Denial of service in IIS 4.0 via a flood of HTTP requests with malformed headers. |
1Microsoft 4Commercial Internet System Internet Information ServerSite Server+1 moreApr 16, 2026 Aug 11, 1999 N/A· v4 N/A· v3 2.6 LOW· v2 Race condition in the SSL ISAPI filter in IIS and other servers may leak information in plaintext. |