Microsoft » Index Server : Security Vulnerabilities, CVEs, Published In 1999
Index Server 2.0 on IIS 4.0 stores physical path information in the ContentIndex\Catalogs subkey of the AllowedPaths registry key, whose permissions allows local and remote users to obtain the physical paths of directories that are being indexed.
Max CVSS
7.5
EPSS Score
2.49%
Published
1999-03-23
Updated
2016-10-18
CVE-1999-1011
Public exploit
The Remote Data Service (RDS) DataFactory component of Microsoft Data Access Components (MDAC) in IIS 3.x and 4.x exposes unsafe methods, which allows remote attackers to execute arbitrary commands.
Max CVSS
10.0
EPSS Score
68.33%
Published
1999-07-19
Updated
2018-10-15
2 vulnerabilities found