Shodan
Vulnerabilities
Vulnerable Software
Microsoft:  >> Frontpage  >> 2003  Security Vulnerabilities
CVE-2000-0746
Vulnerabilities in IIS 4.0 and 5.0 do not properly protect against cross-site scripting (CSS) attacks. They allow a malicious web site operator to embed scripts in a link to a trusted site, which are returned without quoting in an error message back to the client. The client then executes those scripts in the same context as the trusted site, aka the "IIS Cross-Site Scripting" vulnerabilities.
CVSS Score
7.5
EPSS Score
0.183
Published
2000-10-20
CVE-2000-0413
The shtml.exe program in the FrontPage extensions package of IIS 4.0 and 5.0 allows remote attackers to determine the physical path of HTML, HTM, ASP, and SHTML files by requesting a file that does not exist, which generates an error message that reveals the path.
CVSS Score
5.0
EPSS Score
0.594
Published
2000-05-06
CVE-2000-0256
Buffer overflows in htimage.exe and Imagemap.exe in FrontPage 97 and 98 Server Extensions allow a user to conduct activities that are not otherwise available through the web site, aka the "Server-Side Image Map Components" vulnerability.
CVSS Score
7.5
EPSS Score
0.307
Published
2000-04-19
CVE-2000-0260
Buffer overflow in the dvwssr.dll DLL in Microsoft Visual Interdev 1.0 allows users to cause a denial of service or execute commands, aka the "Link View Server-Side Component" vulnerability.
CVSS Score
7.5
EPSS Score
0.229
Published
2000-04-14
CVE-1999-1052
Microsoft FrontPage stores form results in a default location in /_private/form_results.txt, which is world-readable and accessible in the document root, which allows remote attackers to read possibly sensitive information submitted by other users.
CVSS Score
5.0
EPSS Score
0.422
Published
1999-08-24
CVE-2000-0153
FrontPage Personal Web Server (PWS) allows remote attackers to read files via a .... (dot dot) attack.
CVSS Score
5.0
EPSS Score
0.308
Published
1999-03-26
CVE-1999-0386
Microsoft Personal Web Server and FrontPage Personal Web Server in some Windows systems allows a remote attacker to read files on the server by using a nonstandard URL.
CVSS Score
5.0
EPSS Score
0.744
Published
1999-03-01
CVE-1999-0012
Some web servers under Microsoft Windows allow remote attackers to bypass access restrictions for files with long file names.
CVSS Score
7.0
EPSS Score
0.004
Published
1998-02-06


Products
Pricing
Contact Us

Shodan ® - All rights reserved