Microsoft » Index Server : Security Vulnerabilities, CVEs, CVSS score >= 6

CVE-2001-0500

Public exploit
Buffer overflow in ISAPI extension (idq.dll) in Index Server 2.0 and Indexing Service 2000 in IIS 6.0 beta and earlier allows remote attackers to execute arbitrary commands via a long argument to Internet Data Administration (.ida) and Internet Data Query (.idq) files such as default.ida, as commonly exploited by Code Red.
Max CVSS
10.0
EPSS Score
96.73%
Published
2001-07-21
Updated
2018-10-12

CVE-2001-0244

Buffer overflow in Microsoft Index Server 2.0 allows remote attackers to execute arbitrary commands via a long search parameter.
Max CVSS
7.5
EPSS Score
0.42%
Published
2001-06-27
Updated
2018-10-12

CVE-1999-1397

Index Server 2.0 on IIS 4.0 stores physical path information in the ContentIndex\Catalogs subkey of the AllowedPaths registry key, whose permissions allows local and remote users to obtain the physical paths of directories that are being indexed.
Max CVSS
7.5
EPSS Score
2.49%
Published
1999-03-23
Updated
2016-10-18

CVE-1999-1011

Public exploit
The Remote Data Service (RDS) DataFactory component of Microsoft Data Access Components (MDAC) in IIS 3.x and 4.x exposes unsafe methods, which allows remote attackers to execute arbitrary commands.
Max CVSS
10.0
EPSS Score
68.33%
Published
1999-07-19
Updated
2018-10-15
4 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close