Microsoft Corporation

Short Name: Microsoft
Previous Names: [None Entered]
URL: http://www..microsoft.com/ [visit link]
Email: [None Entered]
Security URL: http://www.microsoft.com/security/ [visit link]
Security Email: securemicrosoft.com
Knowledge Base: http://support.microsoft.com/default.aspx?scid=fh;EN-US;KBHOWTO [visit link]
Notes: Contact web form: http://support.microsoft.com/common/international.aspx?rdpath=fh;en-us;cntactms Security web form: https://www.microsoft.com/technet/security/bulletin/alertus.aspx.

Vulnerabilities by Vendor Product

Microsoft Corporation

Microsoft Corporation
InfoPath 2007 Watch-list
SP2
SP3
InfoPath 2003 Watch-list
SP0
Index Server Watch-list
2.0
OSVDB ID: 272 Microsoft IIS MDAC RDS Arbitrary Remote Command Execution
OSVDB ID: 1210 Microsoft IIS WebHits.dll ISAPI Filter Traversal Arbitrary File Access
OSVDB ID: 96 Microsoft IIS idq.dll Traversal Arbitrary File Access
OSVDB ID: 271 Microsoft IIS WebHits null.htw .asp Source Disclosure
HTML Help Control Watch-list
5.2.3735 .1
OSVDB ID: 2745 Microsoft HTML Help Control Privilege Escalation
InfoPath Watch-list
2003
OSVDB ID: 29430 Microsoft Office Malformed Smart Tag Arbitrary Code Execution
OSVDB ID: 29428 Microsoft Office Malformed Chart Record Unspecified Arbitrary Code Execution
OSVDB ID: 9951 Microsoft Multiple Products GDIPlus.dll JPEG Processing Overflow
2007 SP2
OSVDB ID: 86059 Microsoft Multiple Product HTML String Sanitization XSS Weakness
2007 SP3
OSVDB ID: 86059 Microsoft Multiple Product HTML String Sanitization XSS Weakness
2010 32-bit edition SP1
OSVDB ID: 86059 Microsoft Multiple Product HTML String Sanitization XSS Weakness
2010 64-bit edition SP1
OSVDB ID: 86059 Microsoft Multiple Product HTML String Sanitization XSS Weakness
2010 SP1
OSVDB ID: 92129 Microsoft Office HTML Sanitization Component Unspecified XSS
HTML Help Workshop Watch-list
4.74.8702.0
OSVDB ID: 22941 Microsoft HTML Help Workshop .hhp Parsing Overflow
IIS Watch-list
4.0
OSVDB ID: 470 Microsoft IIS Form_JScript.asp XSS
OSVDB ID: 3231 Microsoft IIS Log Bypass
OSVDB ID: 3284 Microsoft IIS Winmsdp.exe Arbitrary File Retrieval
OSVDB ID: 3301 Microsoft IIS ASP Chunked Encoding Variant Heap Overflow
OSVDB ID: 3316 Microsoft IIS HTTP Header Field Delimiter Overflow
OSVDB ID: 3320 Microsoft IIS ASP Server-Side Include Buffer Overflow
OSVDB ID: 3338 Microsoft IIS Help File XSS
OSVDB ID: 3500 Microsoft IIS fpcount.exe Remote Overflow
OSVDB ID: 4863 Microsoft IIS Active Server Page Header DoS
OSVDB ID: 5566 Microsoft IIS Form_VBScript.asp XSS
OSVDB ID: 9314 Microsoft IIS mkilog.exe ODBC Sample Arbitrary Command Execution
OSVDB ID: 9315 Microsoft IIS getdrvs.exe ODBC Sample Information Disclosure
OSVDB ID: 391 Microsoft IIS IDA/IDQ Document Root Path Disclosure
OSVDB ID: 274 Microsoft IIS ctss.idc ODBC Sample Arbitrary Command Execution
OSVDB ID: 3326 Microsoft IIS w3svc.dll ISAPI Filter URL Handling Remote DoS
OSVDB ID: 5584 Microsoft IIS URL Redirection Malformed Length DoS
OSVDB ID: 283 Microsoft IIS /iissamples Multiple Sample Scripts Installed
OSVDB ID: 2106 Microsoft Media Services ISAPI nsiislog.dll Overflow
OSVDB ID: 3341 Microsoft IIS Redirect Response XSS
OSVDB ID: 5993 Microsoft Active Server Pages (ASP) Engine Malformed Cookie Handling Remote Information Disclosure
OSVDB ID: 3328 Microsoft IIS FTP Status Request DoS
OSVDB ID: 4 Microsoft IIS ExAir advsearch.asp Direct Request Remote DoS
OSVDB ID: 3 Microsoft IIS ExAir query.asp Direct Request Remote DoS
OSVDB ID: 3325 Microsoft IIS HTR ISAPI Overflow
OSVDB ID: 7265 Microsoft IIS .ASP Session ID Disclosure and Hijacking
OSVDB ID: 2 Microsoft IIS ExAir search.asp Direct Request DoS
OSVDB ID: 930 Microsoft IIS Shared ASP Cache Information Disclosure
OSVDB ID: 3512 Microsoft IIS ODBC Tool getdrvrs.exe Remote DSN Creation
OSVDB ID: 41063 Microsoft IIS ODBC Tool newdsn.exe Remote DSN Creation
OSVDB ID: 272 Microsoft IIS MDAC RDS Arbitrary Remote Command Execution
OSVDB ID: 1210 Microsoft IIS WebHits.dll ISAPI Filter Traversal Arbitrary File Access
OSVDB ID: 96 Microsoft IIS idq.dll Traversal Arbitrary File Access
OSVDB ID: 271 Microsoft IIS WebHits null.htw .asp Source Disclosure
OSVDB ID: 71856 Microsoft IIS Status Header Handling Remote Overflow
OSVDB ID: 436 Microsoft IIS Unicode Remote Command Execution
OSVDB ID: 13634 Microsoft IIS Inetinfo.exe Malformed Long Mail File Name DoS
OSVDB ID: 568 Microsoft IIS idq.dll IDA/IDQ ISAPI Remote Overflow
OSVDB ID: 577 FrontPage Server Extensions Visual Studio RAD Support Overflow
OSVDB ID: 14229 Microsoft IIS asp.dll Scripting.FileSystemObject Malformed Program DoS
OSVDB ID: 768 Microsoft IIS ASP Chunked Encoding Heap Overflow
OSVDB ID: 3339 Microsoft IIS HTTP Error Page XSS
OSVDB ID: 83771 Microsoft IIS Tilde Character Request Parsing File / Folder Name Information Disclosure
OSVDB ID: 630 Microsoft IIS Multiple Malformed Header Field Internal IP Address Disclosure
3.0
OSVDB ID: 9314 Microsoft IIS mkilog.exe ODBC Sample Arbitrary Command Execution
OSVDB ID: 9315 Microsoft IIS getdrvs.exe ODBC Sample Information Disclosure
OSVDB ID: 11101 Microsoft IIS Multiple Slash ASP Page Request DoS
OSVDB ID: 391 Microsoft IIS IDA/IDQ Document Root Path Disclosure
OSVDB ID: 274 Microsoft IIS ctss.idc ODBC Sample Arbitrary Command Execution
OSVDB ID: 272 Microsoft IIS MDAC RDS Arbitrary Remote Command Execution
OSVDB ID: 96 Microsoft IIS idq.dll Traversal Arbitrary File Access
OSVDB ID: 275 Microsoft IIS newdsn.exe Remote Arbitrary File Creation
OSVDB ID: 83771 Microsoft IIS Tilde Character Request Parsing File / Folder Name Information Disclosure
OSVDB ID: 630 Microsoft IIS Multiple Malformed Header Field Internal IP Address Disclosure
5.0
OSVDB ID: 3231 Microsoft IIS Log Bypass
OSVDB ID: 3301 Microsoft IIS ASP Chunked Encoding Variant Heap Overflow
OSVDB ID: 3316 Microsoft IIS HTTP Header Field Delimiter Overflow
OSVDB ID: 3320 Microsoft IIS ASP Server-Side Include Buffer Overflow
OSVDB ID: 3338 Microsoft IIS Help File XSS
OSVDB ID: 4863 Microsoft IIS Active Server Page Header DoS
OSVDB ID: 5633 Microsoft IIS Invalid WebDAV Request DoS
OSVDB ID: 9314 Microsoft IIS mkilog.exe ODBC Sample Arbitrary Command Execution
OSVDB ID: 9315 Microsoft IIS getdrvs.exe ODBC Sample Information Disclosure
OSVDB ID: 4655 Microsoft IIS ssinc.dll Long Filename Overflow
OSVDB ID: 15342 Microsoft IIS Persistent FTP Banner Information Disclosure
OSVDB ID: 18926 Microsoft IIS SERVER_NAME Variable Spoofing Filter Bypass
OSVDB ID: 391 Microsoft IIS IDA/IDQ Document Root Path Disclosure
OSVDB ID: 274 Microsoft IIS ctss.idc ODBC Sample Arbitrary Command Execution
OSVDB ID: 3326 Microsoft IIS w3svc.dll ISAPI Filter URL Handling Remote DoS
OSVDB ID: 5584 Microsoft IIS URL Redirection Malformed Length DoS
OSVDB ID: 2106 Microsoft Media Services ISAPI nsiislog.dll Overflow
OSVDB ID: 3341 Microsoft IIS Redirect Response XSS
OSVDB ID: 5606 Microsoft IIS WebDAV PROPFIND Request DoS
OSVDB ID: 3328 Microsoft IIS FTP Status Request DoS
OSVDB ID: 56474 Microsoft IIS WebDAV Extension URL Decode Crafted HTTP Request Authentication Bypass
OSVDB ID: 4864 Microsoft IIS TRACK Logging Failure
OSVDB ID: 3325 Microsoft IIS HTR ISAPI Overflow
OSVDB ID: 7265 Microsoft IIS .ASP Session ID Disclosure and Hijacking
OSVDB ID: 57753 Microsoft IIS FTP Server Crafted Recursive Listing Remote DoS
OSVDB ID: 1210 Microsoft IIS WebHits.dll ISAPI Filter Traversal Arbitrary File Access
OSVDB ID: 271 Microsoft IIS WebHits null.htw .asp Source Disclosure
OSVDB ID: 71856 Microsoft IIS Status Header Handling Remote Overflow
OSVDB ID: 390 Microsoft IIS Translate f: Request ASP Source Disclosure
OSVDB ID: 57589 Microsoft IIS FTP Server NLST Command Remote Overflow
OSVDB ID: 436 Microsoft IIS Unicode Remote Command Execution
OSVDB ID: 1621 Microsoft Indexing Services for Windows 2000 .htw XSS
OSVDB ID: 3323 Microsoft IIS ISAPI .printer Extension Host Header Overflow
OSVDB ID: 568 Microsoft IIS idq.dll IDA/IDQ ISAPI Remote Overflow
OSVDB ID: 577 FrontPage Server Extensions Visual Studio RAD Support Overflow
OSVDB ID: 14229 Microsoft IIS asp.dll Scripting.FileSystemObject Malformed Program DoS
OSVDB ID: 5736 Microsoft IIS Relative Path System Privilege Escalation
OSVDB ID: 768 Microsoft IIS ASP Chunked Encoding Heap Overflow
OSVDB ID: 3339 Microsoft IIS HTTP Error Page XSS
OSVDB ID: 83771 Microsoft IIS Tilde Character Request Parsing File / Folder Name Information Disclosure
OSVDB ID: 630 Microsoft IIS Multiple Malformed Header Field Internal IP Address Disclosure
2.0
OSVDB ID: 275 Microsoft IIS newdsn.exe Remote Arbitrary File Creation
OSVDB ID: 83771 Microsoft IIS Tilde Character Request Parsing File / Folder Name Information Disclosure
OSVDB ID: 630 Microsoft IIS Multiple Malformed Header Field Internal IP Address Disclosure
5.1
OSVDB ID: 3301 Microsoft IIS ASP Chunked Encoding Variant Heap Overflow
OSVDB ID: 3316 Microsoft IIS HTTP Header Field Delimiter Overflow
OSVDB ID: 3320 Microsoft IIS ASP Server-Side Include Buffer Overflow
OSVDB ID: 3338 Microsoft IIS Help File XSS
OSVDB ID: 4863 Microsoft IIS Active Server Page Header DoS
OSVDB ID: 15342 Microsoft IIS Persistent FTP Banner Information Disclosure
OSVDB ID: 18926 Microsoft IIS SERVER_NAME Variable Spoofing Filter Bypass
OSVDB ID: 3326 Microsoft IIS w3svc.dll ISAPI Filter URL Handling Remote DoS
OSVDB ID: 3341 Microsoft IIS Redirect Response XSS
OSVDB ID: 3328 Microsoft IIS FTP Status Request DoS
OSVDB ID: 67978 Microsoft IIS Repeated Parameter Request Unspecified Remote DoS
OSVDB ID: 67980 Microsoft IIS Unspecified Remote Directory Authentication Bypass
OSVDB ID: 57589 Microsoft IIS FTP Server NLST Command Remote Overflow
OSVDB ID: 3339 Microsoft IIS HTTP Error Page XSS
OSVDB ID: 83771 Microsoft IIS Tilde Character Request Parsing File / Folder Name Information Disclosure
OSVDB ID: 630 Microsoft IIS Multiple Malformed Header Field Internal IP Address Disclosure
4
OSVDB ID: 5693 Microsoft MS00-060 Patch IIS Malformed Request DoS
5
OSVDB ID: 5693 Microsoft MS00-060 Patch IIS Malformed Request DoS
5.x
OSVDB ID: 5993 Microsoft Active Server Pages (ASP) Engine Malformed Cookie Handling Remote Information Disclosure
6.0
OSVDB ID: 15342 Microsoft IIS Persistent FTP Banner Information Disclosure
OSVDB ID: 18926 Microsoft IIS SERVER_NAME Variable Spoofing Filter Bypass
OSVDB ID: 5993 Microsoft Active Server Pages (ASP) Engine Malformed Cookie Handling Remote Information Disclosure
OSVDB ID: 65216 Microsoft IIS Extended Protection for Authentication Memory Corruption
OSVDB ID: 82848 Microsoft IIS $INDEX_ALLOCATION Data Stream Request Authentication Bypass
OSVDB ID: 57753 Microsoft IIS FTP Server Crafted Recursive Listing Remote DoS
OSVDB ID: 390 Microsoft IIS Translate f: Request ASP Source Disclosure
OSVDB ID: 57589 Microsoft IIS FTP Server NLST Command Remote Overflow
OSVDB ID: 83771 Microsoft IIS Tilde Character Request Parsing File / Folder Name Information Disclosure
OSVDB ID: 630 Microsoft IIS Multiple Malformed Header Field Internal IP Address Disclosure
4.0
OSVDB ID: 9199 Microsoft IIS shtml.dll XSS
OSVDB ID: 9200 Microsoft IIS Unspecified XSS Variant
OSVDB ID: 11257 Microsoft IIS Malformed GET Request DoS
OSVDB ID: 782 Microsoft IIS / Site Server codebrws.asp Arbitrary File Access
OSVDB ID: 15749 Microsoft IIS / Site Server code.asp Arbitrary File Access
OSVDB ID: 474 Microsoft IIS / Site Server viewcode.asp Arbitrary File Access
OSVDB ID: 13428 Microsoft IIS aexp2b.htr Password Policy Bypass
OSVDB ID: 13427 Microsoft IIS aexp2.htr Password Policy Bypass
OSVDB ID: 13429 Microsoft IIS aexp3.htr Password Policy Bypass
OSVDB ID: 13430 Microsoft IIS aexp4.htr Password Policy Bypass
OSVDB ID: 8098 Microsoft IIS Virtual Directory ASP Source Disclosure
OSVDB ID: 7 Microsoft IIS / Site Server showcode.asp source Parameter Traversal Arbitrary File Access
OSVDB ID: 273 Microsoft IIS Upgrade ism.dll Local Privilege Escalation
5.0
OSVDB ID: 9199 Microsoft IIS shtml.dll XSS
OSVDB ID: 9200 Microsoft IIS Unspecified XSS Variant
3.0
OSVDB ID: 11257 Microsoft IIS Malformed GET Request DoS
6.0
5.0
6.0 beta
OSVDB ID: 568 Microsoft IIS idq.dll IDA/IDQ ISAPI Remote Overflow
5.1
OSVDB ID: 66160 Microsoft IIS Basic Authentication NTFS Stream Name Permissions Bypass
OSVDB ID: 21805 Microsoft IIS Crafted URL Remote DoS
4
5
5.1
4.0
4
OSVDB ID: 13431 Microsoft IIS WebDAV Malformed PROPFIND Request Internal IP Disclosure
5
OSVDB ID: 13431 Microsoft IIS WebDAV Malformed PROPFIND Request Internal IP Disclosure
OSVDB ID: 425 Microsoft IIS WebDAV SEARCH Method Arbitrary Directory Forced Listing
5.1
OSVDB ID: 13431 Microsoft IIS WebDAV Malformed PROPFIND Request Internal IP Disclosure
6
OSVDB ID: 425 Microsoft IIS WebDAV SEARCH Method Arbitrary Directory Forced Listing
7
OSVDB ID: 67979 Microsoft IIS FastCGI Request Header Handling Remote Overflow
OSVDB ID: 67978 Microsoft IIS Repeated Parameter Request Unspecified Remote DoS
6
OSVDB ID: 67978 Microsoft IIS Repeated Parameter Request Unspecified Remote DoS
7.5
OSVDB ID: 67978 Microsoft IIS Repeated Parameter Request Unspecified Remote DoS
OSVDB ID: 82848 Microsoft IIS $INDEX_ALLOCATION Data Stream Request Authentication Bypass
OSVDB ID: 83771 Microsoft IIS Tilde Character Request Parsing File / Folder Name Information Disclosure
7.5
OSVDB ID: 70167 Microsoft IIS FTP Server Telnet IAC Character Handling Overflow
7.0
OSVDB ID: 65216 Microsoft IIS Extended Protection for Authentication Memory Corruption
7.5
OSVDB ID: 65216 Microsoft IIS Extended Protection for Authentication Memory Corruption
6.0
7.5
Unspecified
OSVDB ID: 83454 Microsoft IIS ODBC Tool ctguestb.idc Unauthenticated Remote DSN Initialization
OSVDB ID: 52238 Microsoft IIS IDC Extension XSS
5.0
2.0
3.0
5.1
4.0
6.0
7.5
1.0
OSVDB ID: 83771 Microsoft IIS Tilde Character Request Parsing File / Folder Name Information Disclosure
5.0
OSVDB ID: 86899 Microsoft IIS 302 Redirect Message Internal IP Address Remote Disclosure
4.0
OSVDB ID: 86899 Microsoft IIS 302 Redirect Message Internal IP Address Remote Disclosure
6.0
OSVDB ID: 86899 Microsoft IIS 302 Redirect Message Internal IP Address Remote Disclosure
7.5
OSVDB ID: 87261 Microsoft IIS Log File Permission Weakness Local Password Disclosure
7.0
OSVDB ID: 87262 Microsoft IIS FTP Command Injection Information Disclosure
7.5
OSVDB ID: 87262 Microsoft IIS FTP Command Injection Information Disclosure
IIS Watch-list
5.0
iac25_32.ax Watch-list
2.0.5.53
OSVDB ID: 67551 Microsoft Windows Indeo Codec (ac25_32.ax) Path Subversion Arbitrary DLL Injection Code Execution
InfoPath 2003 Watch-list
SP0

The database information may change without any notice. Use of the information constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the copyright holder or distributor (OSVDB or OSF) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

© Copyright 2002 - 2013 Open Source Vulnerability Database (OSVDB), All Rights Reserved.
Privacy Statement - Terms of Use