Product:

Internet_information_server

(Microsoft)
Repositories

Unknown:

This might be proprietary software.

#Vulnerabilities 108
Date Id Summary Products Score Patch Annotated
2007-01-05 CVE-2007-0087 Microsoft Internet Information Services (IIS), when accessed through a TCP connection with a large window size, allows remote attackers to cause a denial of service (network bandwidth consumption) via a Range header that specifies multiple copies of the same fragment. NOTE: the severity of this issue has been disputed by third parties, who state that the large window size required by the attack is not normally supported or configured by the server, or that a DDoS-style attack would... Internet_information_server N/A
2017-03-27 CVE-2017-7269 Buffer overflow in the ScStoragePathFromUrl function in the WebDAV service in Internet Information Services (IIS) 6.0 in Microsoft Windows Server 2003 R2 allows remote attackers to execute arbitrary code via a long header beginning with "If: <http://" in a PROPFIND request, as exploited in the wild in July or August 2016. Internet_information_server 9.8
2001-06-27 CVE-2001-0334 FTP service in IIS 5.0 and earlier allows remote attackers to cause a denial of service via a wildcard sequence that generates a long string when it is expanded. Internet_information_server 7.5
2010-06-08 CVE-2010-1256 Unspecified vulnerability in Microsoft IIS 6.0, 7.0, and 7.5, when Extended Protection for Authentication is enabled, allows remote authenticated users to execute arbitrary code via unknown vectors related to "token checking" that trigger memory corruption, aka "IIS Authentication Memory Corruption Vulnerability." Internet_information_server N/A
1999-01-27 CVE-1999-0349 A buffer overflow in the FTP list (ls) command in IIS allows remote attackers to conduct a denial of service and, in some cases, execute arbitrary commands. Internet_information_server N/A
1999-01-27 CVE-1999-0348 IIS ASP caching problem releases sensitive information when two virtual servers share the same physical directory. Internet_information_server N/A
1999-06-16 CVE-1999-0874 Buffer overflow in IIS 4.0 allows remote attackers to cause a denial of service via a malformed request for files with .HTR, .IDC, or .STM extensions. Internet_information_server, Windows_2000, Windows_nt N/A
1999-08-11 CVE-1999-0867 Denial of service in IIS 4.0 via a flood of HTTP requests with malformed headers. Commercial_internet_system, Internet_information_server, Site_server N/A