Microsoft » Indexing Service : Security Vulnerabilities, CVEs, CVSS score >= 5
CVE-2001-0500
Public exploit
Buffer overflow in ISAPI extension (idq.dll) in Index Server 2.0 and Indexing Service 2000 in IIS 6.0 beta and earlier allows remote attackers to execute arbitrary commands via a long argument to Internet Data Administration (.ida) and Internet Data Query (.idq) files such as default.ida, as commonly exploited by Code Red.
Max CVSS
10.0
EPSS Score
96.73%
Published
2001-07-21
Updated
2018-10-12
Microsoft Index Server 2.0 in Windows NT 4.0, and Indexing Service in Windows 2000, allows remote attackers to read server-side include files via a malformed search request, aka a new variant of the "Malformed Hit-Highlighting" vulnerability.
Max CVSS
5.0
EPSS Score
92.20%
Published
2001-06-27
Updated
2018-10-12
The CiWebHitsFile component in Microsoft Indexing Services for Windows 2000 allows remote attackers to conduct a cross site scripting (CSS) attack via a CiRestriction parameter in a .htw request, aka the "Indexing Services Cross Site Scripting" vulnerability.
Max CVSS
5.1
EPSS Score
95.02%
Published
2000-12-19
Updated
2018-10-12
3 vulnerabilities found