Known Vulnerabilities for Internet Information Services by Microsoft
Listed below are 10 of the newest known vulnerabilities associated with "Internet Information Services" by "Microsoft".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2014-4078 | The IP Security feature in Microsoft Internet Information Services (IIS) 8.0 and 8.5 does not properly process wildcard allow... | 5.1 - MEDIUM | 2014-11-11 | 2018-10-12 |
| CVE-2011-5279 | CRLF injection vulnerability in the CGI implementation in Microsoft Internet Information Services (IIS) 4.x and 5.x on Window... | 5 - MEDIUM | 2014-04-23 | 2020-11-23 |
| CVE-2010-3972 | Heap-based buffer overflow in the TELNET_STREAM_CONTEXT::OnSendData function in ftpsvc.dll in Microsoft FTP Service 7.0 and 7... | 10 - HIGH | 2010-12-23 | 2021-02-05 |
| CVE-2010-3332 | Microsoft .NET Framework 1.1 SP1, 2.0 SP1 and SP2, 3.5, 3.5 SP1, 3.5.1, and 4.0, as used for ASP.NET in Microsoft Internet In... | 6.4 - MEDIUM | 2010-09-22 | 2020-11-23 |
| CVE-2010-2730 | Buffer overflow in Microsoft Internet Information Services (IIS) 7.5, when FastCGI is enabled, allows remote attackers to exe... | 9.3 - HIGH | 2010-09-15 | 2021-02-05 |
| CVE-2010-1899 | Stack consumption vulnerability in the ASP implementation in Microsoft Internet Information Services (IIS) 5.1, 6.0, 7.0, and... | 4.3 - MEDIUM | 2010-09-15 | 2021-02-05 |
| CVE-2009-4444 | Microsoft Internet Information Services (IIS) 5.x and 6.x uses only the portion of a filename before a ; (semicolon) characte... | 6 - MEDIUM | 2009-12-29 | 2020-11-23 |
| CVE-2009-2521 | Stack consumption vulnerability in the FTP Service in Microsoft Internet Information Services (IIS) 5.0 through 7.0 allows re... | 5 - MEDIUM | 2009-09-04 | 2023-11-07 |
| CVE-2009-1535 | The WebDAV extension in Microsoft Internet Information Services (IIS) 5.1 and 6.0 allows remote attackers to bypass URI-based... | 7.5 - HIGH | 2009-06-10 | 2020-11-23 |
| CVE-2009-1122 | The WebDAV extension in Microsoft Internet Information Services (IIS) 5.0 on Windows 2000 SP4 does not properly decode URLs, ... | 7.5 - HIGH | 2009-06-10 | 2020-11-23 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Microsoft | Internet Information Services | 8.5 | All | All | All |
| Application | Microsoft | Internet Information Services | 8.0 | All | All | All |
| Application | Microsoft | Internet Information Services | 7.5 | All | All | All |
| Application | Microsoft | Internet Information Services | 7.0 | All | All | All |
| Application | Microsoft | Internet Information Services | 6.0 | All | All | All |
| Application | Microsoft | Internet Information Services | 5.1 | All | All | All |
| Application | Microsoft | Internet Information Services | 5.0 | All | All | All |
| Application | Microsoft | Internet Information Services | 4.0 | All | All | All |
| Application | Microsoft | Internet Information Services | 3.0 | All | All | All |
| Application | Microsoft | Internet Information Services | 2.0 | All | All | All |
| Application | Microsoft | Internet Information Services | 10.0 | All | All | All |
| Application | Microsoft | Internet Information Services | 1.0 | All | All | All |
| Application | Microsoft | Internet Information Services | - | All | All | All |