Search criteria
15 vulnerabilities found for proxy_server by microsoft
FKIE_CVE-2004-0892
Vulnerability from fkie_nvd - Published: 2005-01-27 05:00 - Updated: 2025-04-03 01:03
Severity ?
Summary
Microsoft Proxy Server 2.0 and Microsoft ISA Server 2000 (which is included in Small Business Server 2000 and Small Business Server 2003 Premium Edition) allows remote attackers to spoof trusted Internet content on a specially crafted webpage via spoofed reverse DNS lookup results.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| microsoft | isa_server | 2000 | |
| microsoft | isa_server | 2000 | |
| microsoft | isa_server | 2000 | |
| microsoft | proxy_server | 2.0 | |
| microsoft | proxy_server | 2.0 | |
| microsoft | windows_2003_server | 2000 | |
| microsoft | windows_2003_server | 2003 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:isa_server:2000:*:*:*:*:*:*:*",
"matchCriteriaId": "80744BD9-85A9-4E33-8C35-59C8C112AC62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:isa_server:2000:sp1:*:*:*:*:*:*",
"matchCriteriaId": "7F2A1D83-7D2F-4408-B93E-FB53F724EB58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:isa_server:2000:sp2:*:*:*:*:*:*",
"matchCriteriaId": "0FB3AF3C-4840-496F-A667-D39742A2133D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:proxy_server:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2F7BF233-8DE6-4DC4-B9ED-5D4A180DD8B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:proxy_server:2.0:sp1:*:*:*:*:*:*",
"matchCriteriaId": "CE48AD5F-D719-4D39-ACE1-53D0FE5F6525",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows_2003_server:2000:*:small_business_server:*:*:*:*:*",
"matchCriteriaId": "1DF610DF-6AE4-4CF3-A9AB-823228BEF157",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_2003_server:2003:*:small_business_server:*:*:*:*:*",
"matchCriteriaId": "EC8C7AFA-3D80-4E4D-906E-AC51BD055D89",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Microsoft Proxy Server 2.0 and Microsoft ISA Server 2000 (which is included in Small Business Server 2000 and Small Business Server 2003 Premium Edition) allows remote attackers to spoof trusted Internet content on a specially crafted webpage via spoofed reverse DNS lookup results."
}
],
"id": "CVE-2004-0892",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-01-27T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/11605"
},
{
"source": "cve@mitre.org",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-039"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17906"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4264"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4859"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/11605"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-039"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17906"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4264"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4859"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2003-0819
Vulnerability from fkie_nvd - Published: 2004-02-17 05:00 - Updated: 2025-04-03 01:03
Severity ?
Summary
Buffer overflow in the H.323 filter of Microsoft Internet Security and Acceleration Server 2000 allows remote attackers to execute arbitrary code in the Microsoft Firewall Service via certain H.323 traffic, as demonstrated by the NISCC/OUSPG PROTOS test suite for the H.225 protocol.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| microsoft | proxy_server | 2.0 | |
| microsoft | proxy_server | 2.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:proxy_server:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2F7BF233-8DE6-4DC4-B9ED-5D4A180DD8B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:proxy_server:2.0:sp1:*:*:*:*:*:*",
"matchCriteriaId": "CE48AD5F-D719-4D39-ACE1-53D0FE5F6525",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the H.323 filter of Microsoft Internet Security and Acceleration Server 2000 allows remote attackers to execute arbitrary code in the Microsoft Firewall Service via certain H.323 traffic, as demonstrated by the NISCC/OUSPG PROTOS test suite for the H.225 protocol."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer en el filtro H.323 Microsoft Internet Security and Acceleration Server 2000 permite a atacantes remotos ejecutar c\u00f3digo arbitrario en el Servicio de Cortafuegos de Microsoft mediante cierto tr\u00e1fico H.323, como se demostr\u00f3 por por la suite de pruebas del protocolo H.225 NISCC/OUSPG PROTOS."
}
],
"id": "CVE-2003-0819",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2004-02-17T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/10611"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.cert.org/advisories/CA-2004-01.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/749342"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/9406"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/9408"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1008698"
},
{
"source": "cve@mitre.org",
"url": "http://www.uniras.gov.uk/vuls/2004/006489/h323.htm"
},
{
"source": "cve@mitre.org",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-001"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A478"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/10611"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.cert.org/advisories/CA-2004-01.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/749342"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/9406"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/9408"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1008698"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.uniras.gov.uk/vuls/2004/006489/h323.htm"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-001"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A478"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2003-0110
Vulnerability from fkie_nvd - Published: 2003-05-05 04:00 - Updated: 2025-04-03 01:03
Severity ?
Summary
The Winsock Proxy service in Microsoft Proxy Server 2.0 and the Microsoft Firewall service in Internet Security and Acceleration (ISA) Server 2000 allow remote attackers to cause a denial of service (CPU consumption or packet storm) via a spoofed, malformed packet to UDP port 1745.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| microsoft | isa_server | 2000 | |
| microsoft | isa_server | 2000 | |
| microsoft | isa_server | 2000 | |
| microsoft | proxy_server | 2.0 | |
| microsoft | proxy_server | 2.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:isa_server:2000:*:*:*:*:*:*:*",
"matchCriteriaId": "80744BD9-85A9-4E33-8C35-59C8C112AC62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:isa_server:2000:fp1:*:*:*:*:*:*",
"matchCriteriaId": "098032EB-F5E2-4061-8DE2-BEDA6B192EA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:isa_server:2000:sp1:*:*:*:*:*:*",
"matchCriteriaId": "7F2A1D83-7D2F-4408-B93E-FB53F724EB58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:proxy_server:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2F7BF233-8DE6-4DC4-B9ED-5D4A180DD8B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:proxy_server:2.0:sp1:*:*:*:*:*:*",
"matchCriteriaId": "CE48AD5F-D719-4D39-ACE1-53D0FE5F6525",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Winsock Proxy service in Microsoft Proxy Server 2.0 and the Microsoft Firewall service in Internet Security and Acceleration (ISA) Server 2000 allow remote attackers to cause a denial of service (CPU consumption or packet storm) via a spoofed, malformed packet to UDP port 1745."
},
{
"lang": "es",
"value": "El servicio Winsock Proxy en Microsoft Proxy Server 2.0 y el servicio Microsoft Firewall en Internet Security and Acceleration (ISA) Server 2000 permite a atacantes remotos causar una denegaci\u00f3n de servicio (consumici\u00f3n de cpu o tormenta de paquetes) mediante paquetes malformados, al puerto UDP 1745."
}
],
"id": "CVE-2003-0110",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2003-05-05T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=104994487012027\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.idefense.com/advisory/04.09.03.txt"
},
{
"source": "cve@mitre.org",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-012"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A406"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=104994487012027\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.idefense.com/advisory/04.09.03.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-012"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A406"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2002-0371
Vulnerability from fkie_nvd - Published: 2002-07-03 04:00 - Updated: 2025-04-03 01:03
Severity ?
Summary
Buffer overflow in gopher client for Microsoft Internet Explorer 5.1 through 6.0, Proxy Server 2.0, or ISA Server 2000 allows remote attackers to execute arbitrary code via a gopher:// URL that redirects the user to a real or simulated gopher server that sends a long response.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| microsoft | internet_explorer | 5.0.1 | |
| microsoft | internet_explorer | 5.0.1 | |
| microsoft | internet_explorer | 5.0.1 | |
| microsoft | internet_explorer | 5.5 | |
| microsoft | internet_explorer | 5.5 | |
| microsoft | internet_explorer | 5.5 | |
| microsoft | internet_explorer | 6.0 | |
| microsoft | isa_server | 2000 | |
| microsoft | isa_server | 2000 | |
| microsoft | proxy_server | 2.0 | |
| microsoft | proxy_server | 2.0 | |
| university_of_minnesota | gopher | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3A04FEA6-37B0-44B0-844F-55652ABA1F85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:5.0.1:sp1:*:*:*:*:*:*",
"matchCriteriaId": "4D56FB8E-2553-47C1-82A2-9E59023780CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:5.0.1:sp2:*:*:*:*:*:*",
"matchCriteriaId": "8541EEED-94F4-42F8-9719-57F3EC85D52B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "40F8042F-C621-45AE-9F8C-70469579643A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:5.5:sp1:*:*:*:*:*:*",
"matchCriteriaId": "2CD04E07-3664-4D4F-BF3E-6B33AF0F2D12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:5.5:sp2:*:*:*:*:*:*",
"matchCriteriaId": "D05ED9D0-CF78-4FAD-9371-6FB3D5825148",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A19F6133-25D1-44A5-B6B9-354703436783",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:isa_server:2000:*:*:*:*:*:*:*",
"matchCriteriaId": "80744BD9-85A9-4E33-8C35-59C8C112AC62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:isa_server:2000:sp1:*:*:*:*:*:*",
"matchCriteriaId": "7F2A1D83-7D2F-4408-B93E-FB53F724EB58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:proxy_server:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2F7BF233-8DE6-4DC4-B9ED-5D4A180DD8B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:proxy_server:2.0:sp1:*:*:*:*:*:*",
"matchCriteriaId": "CE48AD5F-D719-4D39-ACE1-53D0FE5F6525",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:university_of_minnesota:gopher:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4DBBE0F3-7BBC-4FE8-BA0E-B1AC27B224F6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in gopher client for Microsoft Internet Explorer 5.1 through 6.0, Proxy Server 2.0, or ISA Server 2000 allows remote attackers to execute arbitrary code via a gopher:// URL that redirects the user to a real or simulated gopher server that sends a long response."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer en el cliente gopher de Microsoft Internet Explorer 5.1 a la 6.0, Proxy Server 2.0, o ISA Server 2000 permite a atacantes remotos la ejecuci\u00f3n de c\u00f3digo arbitrario mediante una URL gopher:// que redirige al usuario a un servidor gopher real o simulado que env\u00eda una respuesta larga."
}
],
"id": "CVE-2002-0371",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2002-07-03T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=102320516707940\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=102397955217618\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://online.securityfocus.com/archive/1/276848"
},
{
"source": "cve@mitre.org",
"url": "http://www.iss.net/security_center/static/9247.php"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/440275"
},
{
"source": "cve@mitre.org",
"url": "http://www.pivx.com/workaround_fail.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/4930"
},
{
"source": "cve@mitre.org",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-027"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A98"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=102320516707940\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=102397955217618\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://online.securityfocus.com/archive/1/276848"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.iss.net/security_center/static/9247.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/440275"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.pivx.com/workaround_fail.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/4930"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-027"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A98"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2000-0246
Vulnerability from fkie_nvd - Published: 2000-03-30 05:00 - Updated: 2025-04-03 01:03
Severity ?
Summary
IIS 4.0 and 5.0 does not properly perform ISAPI extension processing if a virtual directory is mapped to a UNC share, which allows remote attackers to read the source code of ASP and other files, aka the "Virtualized UNC Share" vulnerability.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| microsoft | commercial_internet_system | 2.0 | |
| microsoft | commercial_internet_system | 2.5 | |
| microsoft | internet_information_server | 4.0 | |
| microsoft | internet_information_services | 5.0 | |
| microsoft | proxy_server | 2.0 | |
| microsoft | site_server | 3.0 | |
| microsoft | site_server_commerce | 3.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:commercial_internet_system:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "81514AB5-388D-4D13-B63A-C237A502B86A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:commercial_internet_system:2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "879AFDCC-B9D8-41EF-85DD-70CC1BD5227C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_information_server:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5D47E9C4-5439-4A82-BBD8-D6B482B47E51",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_information_services:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "413C07EA-139F-4B7D-A58B-835BD2591FA0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:proxy_server:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2F7BF233-8DE6-4DC4-B9ED-5D4A180DD8B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:site_server:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4A503018-356B-46D9-965F-60750B5B7484",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:site_server_commerce:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DD78B678-82A4-4485-BC4A-809A5FB105E9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IIS 4.0 and 5.0 does not properly perform ISAPI extension processing if a virtual directory is mapped to a UNC share, which allows remote attackers to read the source code of ASP and other files, aka the \"Virtualized UNC Share\" vulnerability."
}
],
"id": "CVE-2000-0246",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2000-03-30T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.microsoft.com/technet/support/kb.asp?ID=249599"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/1081"
},
{
"source": "cve@mitre.org",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-019"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.microsoft.com/technet/support/kb.asp?ID=249599"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/1081"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-019"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2004-0892 (GCVE-0-2004-0892)
Vulnerability from cvelistv5 – Published: 2004-11-16 05:00 – Updated: 2024-08-08 00:31
VLAI?
Summary
Microsoft Proxy Server 2.0 and Microsoft ISA Server 2000 (which is included in Small Business Server 2000 and Small Business Server 2003 Premium Edition) allows remote attackers to spoof trusted Internet content on a specially crafted webpage via spoofed reverse DNS lookup results.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:31:47.669Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "oval:org.mitre.oval:def:4264",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4264"
},
{
"name": "oval:org.mitre.oval:def:4859",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4859"
},
{
"name": "isa-cache-reverse-spoof(17906)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17906"
},
{
"name": "11605",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/11605"
},
{
"name": "MS04-039",
"tags": [
"vendor-advisory",
"x_refsource_MS",
"x_transferred"
],
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-039"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-11-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Microsoft Proxy Server 2.0 and Microsoft ISA Server 2000 (which is included in Small Business Server 2000 and Small Business Server 2003 Premium Edition) allows remote attackers to spoof trusted Internet content on a specially crafted webpage via spoofed reverse DNS lookup results."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-12T19:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "oval:org.mitre.oval:def:4264",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4264"
},
{
"name": "oval:org.mitre.oval:def:4859",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4859"
},
{
"name": "isa-cache-reverse-spoof(17906)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17906"
},
{
"name": "11605",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/11605"
},
{
"name": "MS04-039",
"tags": [
"vendor-advisory",
"x_refsource_MS"
],
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-039"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0892",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Microsoft Proxy Server 2.0 and Microsoft ISA Server 2000 (which is included in Small Business Server 2000 and Small Business Server 2003 Premium Edition) allows remote attackers to spoof trusted Internet content on a specially crafted webpage via spoofed reverse DNS lookup results."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "oval:org.mitre.oval:def:4264",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4264"
},
{
"name": "oval:org.mitre.oval:def:4859",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4859"
},
{
"name": "isa-cache-reverse-spoof(17906)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17906"
},
{
"name": "11605",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/11605"
},
{
"name": "MS04-039",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-039"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-0892",
"datePublished": "2004-11-16T05:00:00",
"dateReserved": "2004-09-22T00:00:00",
"dateUpdated": "2024-08-08T00:31:47.669Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2003-0819 (GCVE-0-2003-0819)
Vulnerability from cvelistv5 – Published: 2004-01-15 05:00 – Updated: 2024-08-08 02:05
VLAI?
Summary
Buffer overflow in the H.323 filter of Microsoft Internet Security and Acceleration Server 2000 allows remote attackers to execute arbitrary code in the Microsoft Firewall Service via certain H.323 traffic, as demonstrated by the NISCC/OUSPG PROTOS test suite for the H.225 protocol.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:05:12.554Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "oval:org.mitre.oval:def:478",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A478"
},
{
"name": "9406",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/9406"
},
{
"name": "MS04-001",
"tags": [
"vendor-advisory",
"x_refsource_MS",
"x_transferred"
],
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-001"
},
{
"name": "10611",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/10611"
},
{
"name": "VU#749342",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/749342"
},
{
"name": "1008698",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1008698"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.uniras.gov.uk/vuls/2004/006489/h323.htm"
},
{
"name": "CA-2004-01",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.cert.org/advisories/CA-2004-01.html"
},
{
"name": "9408",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/9408"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-01-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the H.323 filter of Microsoft Internet Security and Acceleration Server 2000 allows remote attackers to execute arbitrary code in the Microsoft Firewall Service via certain H.323 traffic, as demonstrated by the NISCC/OUSPG PROTOS test suite for the H.225 protocol."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-12T19:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "oval:org.mitre.oval:def:478",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A478"
},
{
"name": "9406",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/9406"
},
{
"name": "MS04-001",
"tags": [
"vendor-advisory",
"x_refsource_MS"
],
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-001"
},
{
"name": "10611",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/10611"
},
{
"name": "VU#749342",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/749342"
},
{
"name": "1008698",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1008698"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.uniras.gov.uk/vuls/2004/006489/h323.htm"
},
{
"name": "CA-2004-01",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.cert.org/advisories/CA-2004-01.html"
},
{
"name": "9408",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/9408"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-0819",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the H.323 filter of Microsoft Internet Security and Acceleration Server 2000 allows remote attackers to execute arbitrary code in the Microsoft Firewall Service via certain H.323 traffic, as demonstrated by the NISCC/OUSPG PROTOS test suite for the H.225 protocol."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "oval:org.mitre.oval:def:478",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A478"
},
{
"name": "9406",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/9406"
},
{
"name": "MS04-001",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-001"
},
{
"name": "10611",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/10611"
},
{
"name": "VU#749342",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/749342"
},
{
"name": "1008698",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1008698"
},
{
"name": "http://www.uniras.gov.uk/vuls/2004/006489/h323.htm",
"refsource": "MISC",
"url": "http://www.uniras.gov.uk/vuls/2004/006489/h323.htm"
},
{
"name": "CA-2004-01",
"refsource": "CERT",
"url": "http://www.cert.org/advisories/CA-2004-01.html"
},
{
"name": "9408",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/9408"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2003-0819",
"datePublished": "2004-01-15T05:00:00",
"dateReserved": "2003-09-18T00:00:00",
"dateUpdated": "2024-08-08T02:05:12.554Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2003-0110 (GCVE-0-2003-0110)
Vulnerability from cvelistv5 – Published: 2003-04-15 04:00 – Updated: 2024-08-08 01:43
VLAI?
Summary
The Winsock Proxy service in Microsoft Proxy Server 2.0 and the Microsoft Firewall service in Internet Security and Acceleration (ISA) Server 2000 allow remote attackers to cause a denial of service (CPU consumption or packet storm) via a spoofed, malformed packet to UDP port 1745.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T01:43:35.267Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20030409 iDEFENSE Security Advisory 04.09.03: Denial of Service in Microsoft Proxy Server and Internet Security and Acceleration Server 2000",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104994487012027\u0026w=2"
},
{
"name": "oval:org.mitre.oval:def:406",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A406"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.idefense.com/advisory/04.09.03.txt"
},
{
"name": "MS03-012",
"tags": [
"vendor-advisory",
"x_refsource_MS",
"x_transferred"
],
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-012"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2003-04-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Winsock Proxy service in Microsoft Proxy Server 2.0 and the Microsoft Firewall service in Internet Security and Acceleration (ISA) Server 2000 allow remote attackers to cause a denial of service (CPU consumption or packet storm) via a spoofed, malformed packet to UDP port 1745."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-12T19:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20030409 iDEFENSE Security Advisory 04.09.03: Denial of Service in Microsoft Proxy Server and Internet Security and Acceleration Server 2000",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104994487012027\u0026w=2"
},
{
"name": "oval:org.mitre.oval:def:406",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A406"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.idefense.com/advisory/04.09.03.txt"
},
{
"name": "MS03-012",
"tags": [
"vendor-advisory",
"x_refsource_MS"
],
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-012"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-0110",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Winsock Proxy service in Microsoft Proxy Server 2.0 and the Microsoft Firewall service in Internet Security and Acceleration (ISA) Server 2000 allow remote attackers to cause a denial of service (CPU consumption or packet storm) via a spoofed, malformed packet to UDP port 1745."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20030409 iDEFENSE Security Advisory 04.09.03: Denial of Service in Microsoft Proxy Server and Internet Security and Acceleration Server 2000",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=104994487012027\u0026w=2"
},
{
"name": "oval:org.mitre.oval:def:406",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A406"
},
{
"name": "http://www.idefense.com/advisory/04.09.03.txt",
"refsource": "MISC",
"url": "http://www.idefense.com/advisory/04.09.03.txt"
},
{
"name": "MS03-012",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-012"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2003-0110",
"datePublished": "2003-04-15T04:00:00",
"dateReserved": "2003-02-26T00:00:00",
"dateUpdated": "2024-08-08T01:43:35.267Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-0371 (GCVE-0-2002-0371)
Vulnerability from cvelistv5 – Published: 2002-06-15 04:00 – Updated: 2024-08-08 02:49
VLAI?
Summary
Buffer overflow in gopher client for Microsoft Internet Explorer 5.1 through 6.0, Proxy Server 2.0, or ISA Server 2000 allows remote attackers to execute arbitrary code via a gopher:// URL that redirects the user to a real or simulated gopher server that sends a long response.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:49:27.729Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "4930",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/4930"
},
{
"name": "ie-gopher-bo(9247)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/9247.php"
},
{
"name": "20020604 Buffer overflow in MSIE gopher code",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=102320516707940\u0026w=2"
},
{
"name": "20020613 Microsoft releases critical fix that breaks their own software!",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=102397955217618\u0026w=2"
},
{
"name": "oval:org.mitre.oval:def:98",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A98"
},
{
"name": "VU#440275",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/440275"
},
{
"name": "MS02-027",
"tags": [
"vendor-advisory",
"x_refsource_MS",
"x_transferred"
],
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-027"
},
{
"name": "20020613 Flawed workaround in MS02-027 -- gopher can run on _any_ port, not just 70",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://online.securityfocus.com/archive/1/276848"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.pivx.com/workaround_fail.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-06-04T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in gopher client for Microsoft Internet Explorer 5.1 through 6.0, Proxy Server 2.0, or ISA Server 2000 allows remote attackers to execute arbitrary code via a gopher:// URL that redirects the user to a real or simulated gopher server that sends a long response."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-12T19:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "4930",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/4930"
},
{
"name": "ie-gopher-bo(9247)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/9247.php"
},
{
"name": "20020604 Buffer overflow in MSIE gopher code",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=102320516707940\u0026w=2"
},
{
"name": "20020613 Microsoft releases critical fix that breaks their own software!",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=102397955217618\u0026w=2"
},
{
"name": "oval:org.mitre.oval:def:98",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A98"
},
{
"name": "VU#440275",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/440275"
},
{
"name": "MS02-027",
"tags": [
"vendor-advisory",
"x_refsource_MS"
],
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-027"
},
{
"name": "20020613 Flawed workaround in MS02-027 -- gopher can run on _any_ port, not just 70",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://online.securityfocus.com/archive/1/276848"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.pivx.com/workaround_fail.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-0371",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in gopher client for Microsoft Internet Explorer 5.1 through 6.0, Proxy Server 2.0, or ISA Server 2000 allows remote attackers to execute arbitrary code via a gopher:// URL that redirects the user to a real or simulated gopher server that sends a long response."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "4930",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/4930"
},
{
"name": "ie-gopher-bo(9247)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/9247.php"
},
{
"name": "20020604 Buffer overflow in MSIE gopher code",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=102320516707940\u0026w=2"
},
{
"name": "20020613 Microsoft releases critical fix that breaks their own software!",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=102397955217618\u0026w=2"
},
{
"name": "oval:org.mitre.oval:def:98",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A98"
},
{
"name": "VU#440275",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/440275"
},
{
"name": "MS02-027",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-027"
},
{
"name": "20020613 Flawed workaround in MS02-027 -- gopher can run on _any_ port, not just 70",
"refsource": "BUGTRAQ",
"url": "http://online.securityfocus.com/archive/1/276848"
},
{
"name": "http://www.pivx.com/workaround_fail.html",
"refsource": "MISC",
"url": "http://www.pivx.com/workaround_fail.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-0371",
"datePublished": "2002-06-15T04:00:00",
"dateReserved": "2002-05-08T00:00:00",
"dateUpdated": "2024-08-08T02:49:27.729Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2000-0246 (GCVE-0-2000-0246)
Vulnerability from cvelistv5 – Published: 2000-06-02 04:00 – Updated: 2024-08-08 05:14
VLAI?
Summary
IIS 4.0 and 5.0 does not properly perform ISAPI extension processing if a virtual directory is mapped to a UNC share, which allows remote attackers to read the source code of ASP and other files, aka the "Virtualized UNC Share" vulnerability.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T05:14:20.492Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "MS00-019",
"tags": [
"vendor-advisory",
"x_refsource_MS",
"x_transferred"
],
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-019"
},
{
"name": "Q249599",
"tags": [
"vendor-advisory",
"x_refsource_MSKB",
"x_transferred"
],
"url": "http://www.microsoft.com/technet/support/kb.asp?ID=249599"
},
{
"name": "1081",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/1081"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2000-03-30T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "IIS 4.0 and 5.0 does not properly perform ISAPI extension processing if a virtual directory is mapped to a UNC share, which allows remote attackers to read the source code of ASP and other files, aka the \"Virtualized UNC Share\" vulnerability."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-11-02T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "MS00-019",
"tags": [
"vendor-advisory",
"x_refsource_MS"
],
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-019"
},
{
"name": "Q249599",
"tags": [
"vendor-advisory",
"x_refsource_MSKB"
],
"url": "http://www.microsoft.com/technet/support/kb.asp?ID=249599"
},
{
"name": "1081",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/1081"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2000-0246",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IIS 4.0 and 5.0 does not properly perform ISAPI extension processing if a virtual directory is mapped to a UNC share, which allows remote attackers to read the source code of ASP and other files, aka the \"Virtualized UNC Share\" vulnerability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "MS00-019",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-019"
},
{
"name": "Q249599",
"refsource": "MSKB",
"url": "http://www.microsoft.com/technet/support/kb.asp?ID=249599"
},
{
"name": "1081",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1081"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2000-0246",
"datePublished": "2000-06-02T04:00:00",
"dateReserved": "2000-04-12T00:00:00",
"dateUpdated": "2024-08-08T05:14:20.492Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-0892 (GCVE-0-2004-0892)
Vulnerability from nvd – Published: 2004-11-16 05:00 – Updated: 2024-08-08 00:31
VLAI?
Summary
Microsoft Proxy Server 2.0 and Microsoft ISA Server 2000 (which is included in Small Business Server 2000 and Small Business Server 2003 Premium Edition) allows remote attackers to spoof trusted Internet content on a specially crafted webpage via spoofed reverse DNS lookup results.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:31:47.669Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "oval:org.mitre.oval:def:4264",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4264"
},
{
"name": "oval:org.mitre.oval:def:4859",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4859"
},
{
"name": "isa-cache-reverse-spoof(17906)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17906"
},
{
"name": "11605",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/11605"
},
{
"name": "MS04-039",
"tags": [
"vendor-advisory",
"x_refsource_MS",
"x_transferred"
],
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-039"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-11-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Microsoft Proxy Server 2.0 and Microsoft ISA Server 2000 (which is included in Small Business Server 2000 and Small Business Server 2003 Premium Edition) allows remote attackers to spoof trusted Internet content on a specially crafted webpage via spoofed reverse DNS lookup results."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-12T19:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "oval:org.mitre.oval:def:4264",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4264"
},
{
"name": "oval:org.mitre.oval:def:4859",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4859"
},
{
"name": "isa-cache-reverse-spoof(17906)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17906"
},
{
"name": "11605",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/11605"
},
{
"name": "MS04-039",
"tags": [
"vendor-advisory",
"x_refsource_MS"
],
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-039"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0892",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Microsoft Proxy Server 2.0 and Microsoft ISA Server 2000 (which is included in Small Business Server 2000 and Small Business Server 2003 Premium Edition) allows remote attackers to spoof trusted Internet content on a specially crafted webpage via spoofed reverse DNS lookup results."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "oval:org.mitre.oval:def:4264",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4264"
},
{
"name": "oval:org.mitre.oval:def:4859",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4859"
},
{
"name": "isa-cache-reverse-spoof(17906)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17906"
},
{
"name": "11605",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/11605"
},
{
"name": "MS04-039",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-039"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-0892",
"datePublished": "2004-11-16T05:00:00",
"dateReserved": "2004-09-22T00:00:00",
"dateUpdated": "2024-08-08T00:31:47.669Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2003-0819 (GCVE-0-2003-0819)
Vulnerability from nvd – Published: 2004-01-15 05:00 – Updated: 2024-08-08 02:05
VLAI?
Summary
Buffer overflow in the H.323 filter of Microsoft Internet Security and Acceleration Server 2000 allows remote attackers to execute arbitrary code in the Microsoft Firewall Service via certain H.323 traffic, as demonstrated by the NISCC/OUSPG PROTOS test suite for the H.225 protocol.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:05:12.554Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "oval:org.mitre.oval:def:478",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A478"
},
{
"name": "9406",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/9406"
},
{
"name": "MS04-001",
"tags": [
"vendor-advisory",
"x_refsource_MS",
"x_transferred"
],
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-001"
},
{
"name": "10611",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/10611"
},
{
"name": "VU#749342",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/749342"
},
{
"name": "1008698",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1008698"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.uniras.gov.uk/vuls/2004/006489/h323.htm"
},
{
"name": "CA-2004-01",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.cert.org/advisories/CA-2004-01.html"
},
{
"name": "9408",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/9408"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-01-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the H.323 filter of Microsoft Internet Security and Acceleration Server 2000 allows remote attackers to execute arbitrary code in the Microsoft Firewall Service via certain H.323 traffic, as demonstrated by the NISCC/OUSPG PROTOS test suite for the H.225 protocol."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-12T19:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "oval:org.mitre.oval:def:478",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A478"
},
{
"name": "9406",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/9406"
},
{
"name": "MS04-001",
"tags": [
"vendor-advisory",
"x_refsource_MS"
],
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-001"
},
{
"name": "10611",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/10611"
},
{
"name": "VU#749342",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/749342"
},
{
"name": "1008698",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1008698"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.uniras.gov.uk/vuls/2004/006489/h323.htm"
},
{
"name": "CA-2004-01",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.cert.org/advisories/CA-2004-01.html"
},
{
"name": "9408",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/9408"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-0819",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the H.323 filter of Microsoft Internet Security and Acceleration Server 2000 allows remote attackers to execute arbitrary code in the Microsoft Firewall Service via certain H.323 traffic, as demonstrated by the NISCC/OUSPG PROTOS test suite for the H.225 protocol."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "oval:org.mitre.oval:def:478",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A478"
},
{
"name": "9406",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/9406"
},
{
"name": "MS04-001",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-001"
},
{
"name": "10611",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/10611"
},
{
"name": "VU#749342",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/749342"
},
{
"name": "1008698",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1008698"
},
{
"name": "http://www.uniras.gov.uk/vuls/2004/006489/h323.htm",
"refsource": "MISC",
"url": "http://www.uniras.gov.uk/vuls/2004/006489/h323.htm"
},
{
"name": "CA-2004-01",
"refsource": "CERT",
"url": "http://www.cert.org/advisories/CA-2004-01.html"
},
{
"name": "9408",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/9408"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2003-0819",
"datePublished": "2004-01-15T05:00:00",
"dateReserved": "2003-09-18T00:00:00",
"dateUpdated": "2024-08-08T02:05:12.554Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2003-0110 (GCVE-0-2003-0110)
Vulnerability from nvd – Published: 2003-04-15 04:00 – Updated: 2024-08-08 01:43
VLAI?
Summary
The Winsock Proxy service in Microsoft Proxy Server 2.0 and the Microsoft Firewall service in Internet Security and Acceleration (ISA) Server 2000 allow remote attackers to cause a denial of service (CPU consumption or packet storm) via a spoofed, malformed packet to UDP port 1745.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T01:43:35.267Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20030409 iDEFENSE Security Advisory 04.09.03: Denial of Service in Microsoft Proxy Server and Internet Security and Acceleration Server 2000",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104994487012027\u0026w=2"
},
{
"name": "oval:org.mitre.oval:def:406",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A406"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.idefense.com/advisory/04.09.03.txt"
},
{
"name": "MS03-012",
"tags": [
"vendor-advisory",
"x_refsource_MS",
"x_transferred"
],
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-012"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2003-04-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Winsock Proxy service in Microsoft Proxy Server 2.0 and the Microsoft Firewall service in Internet Security and Acceleration (ISA) Server 2000 allow remote attackers to cause a denial of service (CPU consumption or packet storm) via a spoofed, malformed packet to UDP port 1745."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-12T19:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20030409 iDEFENSE Security Advisory 04.09.03: Denial of Service in Microsoft Proxy Server and Internet Security and Acceleration Server 2000",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104994487012027\u0026w=2"
},
{
"name": "oval:org.mitre.oval:def:406",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A406"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.idefense.com/advisory/04.09.03.txt"
},
{
"name": "MS03-012",
"tags": [
"vendor-advisory",
"x_refsource_MS"
],
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-012"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-0110",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Winsock Proxy service in Microsoft Proxy Server 2.0 and the Microsoft Firewall service in Internet Security and Acceleration (ISA) Server 2000 allow remote attackers to cause a denial of service (CPU consumption or packet storm) via a spoofed, malformed packet to UDP port 1745."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20030409 iDEFENSE Security Advisory 04.09.03: Denial of Service in Microsoft Proxy Server and Internet Security and Acceleration Server 2000",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=104994487012027\u0026w=2"
},
{
"name": "oval:org.mitre.oval:def:406",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A406"
},
{
"name": "http://www.idefense.com/advisory/04.09.03.txt",
"refsource": "MISC",
"url": "http://www.idefense.com/advisory/04.09.03.txt"
},
{
"name": "MS03-012",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-012"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2003-0110",
"datePublished": "2003-04-15T04:00:00",
"dateReserved": "2003-02-26T00:00:00",
"dateUpdated": "2024-08-08T01:43:35.267Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-0371 (GCVE-0-2002-0371)
Vulnerability from nvd – Published: 2002-06-15 04:00 – Updated: 2024-08-08 02:49
VLAI?
Summary
Buffer overflow in gopher client for Microsoft Internet Explorer 5.1 through 6.0, Proxy Server 2.0, or ISA Server 2000 allows remote attackers to execute arbitrary code via a gopher:// URL that redirects the user to a real or simulated gopher server that sends a long response.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:49:27.729Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "4930",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/4930"
},
{
"name": "ie-gopher-bo(9247)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/9247.php"
},
{
"name": "20020604 Buffer overflow in MSIE gopher code",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=102320516707940\u0026w=2"
},
{
"name": "20020613 Microsoft releases critical fix that breaks their own software!",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=102397955217618\u0026w=2"
},
{
"name": "oval:org.mitre.oval:def:98",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A98"
},
{
"name": "VU#440275",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/440275"
},
{
"name": "MS02-027",
"tags": [
"vendor-advisory",
"x_refsource_MS",
"x_transferred"
],
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-027"
},
{
"name": "20020613 Flawed workaround in MS02-027 -- gopher can run on _any_ port, not just 70",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://online.securityfocus.com/archive/1/276848"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.pivx.com/workaround_fail.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-06-04T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in gopher client for Microsoft Internet Explorer 5.1 through 6.0, Proxy Server 2.0, or ISA Server 2000 allows remote attackers to execute arbitrary code via a gopher:// URL that redirects the user to a real or simulated gopher server that sends a long response."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-12T19:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "4930",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/4930"
},
{
"name": "ie-gopher-bo(9247)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/9247.php"
},
{
"name": "20020604 Buffer overflow in MSIE gopher code",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=102320516707940\u0026w=2"
},
{
"name": "20020613 Microsoft releases critical fix that breaks their own software!",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=102397955217618\u0026w=2"
},
{
"name": "oval:org.mitre.oval:def:98",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A98"
},
{
"name": "VU#440275",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/440275"
},
{
"name": "MS02-027",
"tags": [
"vendor-advisory",
"x_refsource_MS"
],
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-027"
},
{
"name": "20020613 Flawed workaround in MS02-027 -- gopher can run on _any_ port, not just 70",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://online.securityfocus.com/archive/1/276848"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.pivx.com/workaround_fail.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-0371",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in gopher client for Microsoft Internet Explorer 5.1 through 6.0, Proxy Server 2.0, or ISA Server 2000 allows remote attackers to execute arbitrary code via a gopher:// URL that redirects the user to a real or simulated gopher server that sends a long response."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "4930",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/4930"
},
{
"name": "ie-gopher-bo(9247)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/9247.php"
},
{
"name": "20020604 Buffer overflow in MSIE gopher code",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=102320516707940\u0026w=2"
},
{
"name": "20020613 Microsoft releases critical fix that breaks their own software!",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=102397955217618\u0026w=2"
},
{
"name": "oval:org.mitre.oval:def:98",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A98"
},
{
"name": "VU#440275",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/440275"
},
{
"name": "MS02-027",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-027"
},
{
"name": "20020613 Flawed workaround in MS02-027 -- gopher can run on _any_ port, not just 70",
"refsource": "BUGTRAQ",
"url": "http://online.securityfocus.com/archive/1/276848"
},
{
"name": "http://www.pivx.com/workaround_fail.html",
"refsource": "MISC",
"url": "http://www.pivx.com/workaround_fail.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-0371",
"datePublished": "2002-06-15T04:00:00",
"dateReserved": "2002-05-08T00:00:00",
"dateUpdated": "2024-08-08T02:49:27.729Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2000-0246 (GCVE-0-2000-0246)
Vulnerability from nvd – Published: 2000-06-02 04:00 – Updated: 2024-08-08 05:14
VLAI?
Summary
IIS 4.0 and 5.0 does not properly perform ISAPI extension processing if a virtual directory is mapped to a UNC share, which allows remote attackers to read the source code of ASP and other files, aka the "Virtualized UNC Share" vulnerability.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T05:14:20.492Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "MS00-019",
"tags": [
"vendor-advisory",
"x_refsource_MS",
"x_transferred"
],
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-019"
},
{
"name": "Q249599",
"tags": [
"vendor-advisory",
"x_refsource_MSKB",
"x_transferred"
],
"url": "http://www.microsoft.com/technet/support/kb.asp?ID=249599"
},
{
"name": "1081",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/1081"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2000-03-30T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "IIS 4.0 and 5.0 does not properly perform ISAPI extension processing if a virtual directory is mapped to a UNC share, which allows remote attackers to read the source code of ASP and other files, aka the \"Virtualized UNC Share\" vulnerability."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-11-02T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "MS00-019",
"tags": [
"vendor-advisory",
"x_refsource_MS"
],
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-019"
},
{
"name": "Q249599",
"tags": [
"vendor-advisory",
"x_refsource_MSKB"
],
"url": "http://www.microsoft.com/technet/support/kb.asp?ID=249599"
},
{
"name": "1081",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/1081"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2000-0246",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IIS 4.0 and 5.0 does not properly perform ISAPI extension processing if a virtual directory is mapped to a UNC share, which allows remote attackers to read the source code of ASP and other files, aka the \"Virtualized UNC Share\" vulnerability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "MS00-019",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-019"
},
{
"name": "Q249599",
"refsource": "MSKB",
"url": "http://www.microsoft.com/technet/support/kb.asp?ID=249599"
},
{
"name": "1081",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1081"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2000-0246",
"datePublished": "2000-06-02T04:00:00",
"dateReserved": "2000-04-12T00:00:00",
"dateUpdated": "2024-08-08T05:14:20.492Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}