Known Vulnerabilities for Internet Information Services by Microsoft
Listed below are 10 of the newest known vulnerabilities associated with "Internet Information Services" by "Microsoft".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2017-7269 json | Not Provided | 2017-03-27 | 2026-04-21 | |
| CVE-2014-4078 json | The IP Security feature in Microsoft Internet Information Services (IIS) 8.0 and 8.5 does not properly process wildcard allow... | 5.1 - MEDIUM | 2014-11-11 | 2018-10-12 |
| CVE-2011-5279 json | CRLF injection vulnerability in the CGI implementation in Microsoft Internet Information Services (IIS) 4.x and 5.x on Window... | 5 - MEDIUM | 2014-04-23 | 2020-11-23 |
| CVE-2010-3972 json | Heap-based buffer overflow in the TELNET_STREAM_CONTEXT::OnSendData function in ftpsvc.dll in Microsoft FTP Service 7.0 and 7... | 10 - HIGH | 2010-12-23 | 2021-02-05 |
| CVE-2010-3332 json | Microsoft .NET Framework 1.1 SP1, 2.0 SP1 and SP2, 3.5, 3.5 SP1, 3.5.1, and 4.0, as used for ASP.NET in Microsoft Internet In... | 6.4 - MEDIUM | 2010-09-22 | 2020-11-23 |
| CVE-2010-2730 json | Buffer overflow in Microsoft Internet Information Services (IIS) 7.5, when FastCGI is enabled, allows remote attackers to exe... | 9.3 - HIGH | 2010-09-15 | 2021-02-05 |
| CVE-2010-1899 json | Stack consumption vulnerability in the ASP implementation in Microsoft Internet Information Services (IIS) 5.1, 6.0, 7.0, and... | 4.3 - MEDIUM | 2010-09-15 | 2021-02-05 |
| CVE-2009-4445 json | Microsoft Internet Information Services (IIS), when used in conjunction with unspecified third-party upload applications, all... | 6 - MEDIUM | 2009-12-29 | 2017-08-17 |
| CVE-2009-4444 json | Microsoft Internet Information Services (IIS) 5.x and 6.x uses only the portion of a filename before a ; (semicolon) characte... | 6 - MEDIUM | 2009-12-29 | 2020-11-23 |
| CVE-2009-2521 json | Stack consumption vulnerability in the FTP Service in Microsoft Internet Information Services (IIS) 5.0 through 7.0 allows re... | 5 - MEDIUM | 2009-09-04 | 2023-11-07 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Microsoft | Internet Information Services | 8.5 | |||
| Application | Microsoft | Internet Information Services | 8.0 | |||
| Application | Microsoft | Internet Information Services | 7.5 | |||
| Application | Microsoft | Internet Information Services | 7.0 | |||
| Application | Microsoft | Internet Information Services | 6.0 | |||
| Application | Microsoft | Internet Information Services | 5.1 | |||
| Application | Microsoft | Internet Information Services | 5.0 | |||
| Application | Microsoft | Internet Information Services | 4.0 | |||
| Application | Microsoft | Internet Information Services | 3.0 | |||
| Application | Microsoft | Internet Information Services | 2.0 | |||
| Application | Microsoft | Internet Information Services | 10.0 | |||
| Application | Microsoft | Internet Information Services | 1.0 | |||
| Application | Microsoft | Internet Information Services | - |