Search Results (Refine Search)
- CPE Product Version: cpe:/a:microsoft:internet_information_server:5.1
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2009-3023 |
Buffer overflow in the FTP Service in Microsoft Internet Information Services (IIS) 5.0 through 6.0 allows remote authenticated users to execute arbitrary code via a crafted NLST (NAME LIST) command that uses wildcards, leading to memory corruption, aka "IIS FTP Service RCE and DoS Vulnerability." Published: August 31, 2009; 4:30:01 PM -0400 |
V3.x:(not available) V2.0: 9.0 HIGH |
CVE-2001-0500 |
Buffer overflow in ISAPI extension (idq.dll) in Index Server 2.0 and Indexing Service 2000 in IIS 6.0 beta and earlier allows remote attackers to execute arbitrary commands via a long argument to Internet Data Administration (.ida) and Internet Data Query (.idq) files such as default.ida, as commonly exploited by Code Red. Published: July 21, 2001; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 10.0 HIGH |