Microsoft: >> Frontpage >> 2000 Security Vulnerabilities
Buffer overflows in htimage.exe and Imagemap.exe in FrontPage 97 and 98 Server Extensions allow a user to conduct activities that are not otherwise available through the web site, aka the "Server-Side Image Map Components" vulnerability.
CVSS Score
7.5
EPSS Score
0.307
Published
2000-04-19
Buffer overflow in the dvwssr.dll DLL in Microsoft Visual Interdev 1.0 allows users to cause a denial of service or execute commands, aka the "Link View Server-Side Component" vulnerability.
CVSS Score
7.5
EPSS Score
0.229
Published
2000-04-14
Frontpage Server Extensions allows remote attackers to determine the physical path of a virtual directory via a GET request to the htimage.exe CGI program.
CVSS Score
5.0
EPSS Score
0.403
Published
2000-02-03
Microsoft FrontPage stores form results in a default location in /_private/form_results.txt, which is world-readable and accessible in the document root, which allows remote attackers to read possibly sensitive information submitted by other users.
CVSS Score
5.0
EPSS Score
0.422
Published
1999-08-24
FrontPage Personal Web Server (PWS) allows remote attackers to read files via a .... (dot dot) attack.
CVSS Score
5.0
EPSS Score
0.308
Published
1999-03-26
Microsoft Personal Web Server and FrontPage Personal Web Server in some Windows systems allows a remote attacker to read files on the server by using a nonstandard URL.
CVSS Score
5.0
EPSS Score
0.744
Published
1999-03-01
Some web servers under Microsoft Windows allow remote attackers to bypass access restrictions for files with long file names.
CVSS Score
7.0
EPSS Score
0.004
Published
1998-02-06
Page 2