Microsoft » Internet Information Services » 7.5 : Security Vulnerabilities, CVEs,
CVE-2010-3972
Public exploit
Heap-based buffer overflow in the TELNET_STREAM_CONTEXT::OnSendData function in ftpsvc.dll in Microsoft FTP Service 7.0 and 7.5 for Internet Information Services (IIS) 7.0, and IIS 7.5, allows remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via a crafted FTP command, aka "IIS FTP Service Heap Buffer Overrun Vulnerability." NOTE: some of these details are obtained from third party information.
Max CVSS
10.0
EPSS Score
96.84%
Published
2010-12-23
Updated
2021-02-05
Buffer overflow in Microsoft Internet Information Services (IIS) 7.5, when FastCGI is enabled, allows remote attackers to execute arbitrary code via crafted headers in a request, aka "Request Header Buffer Overflow Vulnerability."
Max CVSS
9.3
EPSS Score
28.26%
Published
2010-09-15
Updated
2021-02-05
CVE-2010-1899
Public exploit
Stack consumption vulnerability in the ASP implementation in Microsoft Internet Information Services (IIS) 5.1, 6.0, 7.0, and 7.5 allows remote attackers to cause a denial of service (daemon outage) via a crafted request, related to asp.dll, aka "IIS Repeated Parameter Request Denial of Service Vulnerability."
Max CVSS
4.3
EPSS Score
96.96%
Published
2010-09-15
Updated
2021-02-05
3 vulnerabilities found