Microsoft Frontpage 2000

CPE Details

Microsoft Frontpage 2000
microsoft
frontpage
2000
2007-08-23
19h16 +00:00
2008-04-15
20h39 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:microsoft:frontpage:2000:*:*:*:*:*:*:*

Informations

Vendor

microsoft

Product

frontpage

Version

2000

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2007-3109 2007-06-07 19h00 +00:00 The CERN Image Map Dispatcher (htimage.exe) in Microsoft FrontPage allows remote attackers to determine the existence, and possibly partial contents, of arbitrary files under the web root via a relative pathname in the PATH_INFO.
6.4
CVE-2007-0671 2007-02-03 00h00 +00:00 Unspecified vulnerability in Microsoft Excel 2000, XP, 2003, and 2004 for Mac, and possibly other Office products, allows remote user-assisted attackers to execute arbitrary code via unknown attack vectors, as demonstrated by Exploit-MSExcel.h in targeted zero-day attacks.
9.3
CVE-2006-3877 2006-10-10 20h00 +00:00 Unspecified vulnerability in PowerPoint in Microsoft Office 2000, Office 2002, Office 2003, Office 2004 for Mac, and Office v.X for Mac allows user-assisted attackers to execute arbitrary code via an unspecified "crafted file," a different vulnerability than CVE-2006-3435, CVE-2006-4694, and CVE-2006-3876.
9.3
CVE-2005-2143 2005-07-05 04h00 +00:00 Microsoft Front Page allows attackers to cause a denial of service (crash) via a crafted style tag in a web page.
5
CVE-2004-0573 2004-09-17 02h00 +00:00 Buffer overflow in the converter for Microsoft WordPerfect 5.x on Office 2000, Office XP, Office 2003, and Works Suites 2001 through 2004 allows remote attackers to execute arbitrary code via a malicious document or website.
7.5
CVE-1999-1052 2001-09-12 02h00 +00:00 Microsoft FrontPage stores form results in a default location in /_private/form_results.txt, which is world-readable and accessible in the document root, which allows remote attackers to read possibly sensitive information submitted by other users.
5
CVE-2000-0709 2000-09-21 02h00 +00:00 The shtml.exe component of Microsoft FrontPage 2000 Server Extensions 1.1 allows remote attackers to cause a denial of service in some components by requesting a URL whose name includes a standard DOS device name.
5
CVE-2000-0710 2000-09-21 02h00 +00:00 The shtml.exe component of Microsoft FrontPage 2000 Server Extensions 1.1 allows remote attackers to determine the physical path of the server components by requesting an invalid URL whose name includes a standard DOS device name.
5
CVE-2000-0746 2000-09-21 02h00 +00:00 Vulnerabilities in IIS 4.0 and 5.0 do not properly protect against cross-site scripting (CSS) attacks. They allow a malicious web site operator to embed scripts in a link to a trusted site, which are returned without quoting in an error message back to the client. The client then executes those scripts in the same context as the trusted site, aka the "IIS Cross-Site Scripting" vulnerabilities.
7.5
CVE-2000-0419 2000-07-12 02h00 +00:00 The Office 2000 UA ActiveX Control is marked as "safe for scripting," which allows remote attackers to conduct unauthorized activities via the "Show Me" function in Office Help, aka the "Office 2000 UA Control" vulnerability.
7.5
CVE-2000-0413 2000-06-15 02h00 +00:00 The shtml.exe program in the FrontPage extensions package of IIS 4.0 and 5.0 allows remote attackers to determine the physical path of HTML, HTM, ASP, and SHTML files by requesting a file that does not exist, which generates an error message that reveals the path.
5
CVE-2000-0260 2000-06-02 02h00 +00:00 Buffer overflow in the dvwssr.dll DLL in Microsoft Visual Interdev 1.0 allows users to cause a denial of service or execute commands, aka the "Link View Server-Side Component" vulnerability.
7.5
CVE-2000-0256 2000-04-26 02h00 +00:00 Buffer overflows in htimage.exe and Imagemap.exe in FrontPage 97 and 98 Server Extensions allow a user to conduct activities that are not otherwise available through the web site, aka the "Server-Side Image Map Components" vulnerability.
7.5
CVE-2000-0153 2000-02-23 04h00 +00:00 FrontPage Personal Web Server (PWS) allows remote attackers to read files via a .... (dot dot) attack.
5
CVE-2000-0122 2000-02-08 04h00 +00:00 Frontpage Server Extensions allows remote attackers to determine the physical path of a virtual directory via a GET request to the htimage.exe CGI program.
5
CVE-1999-0012 1999-09-29 02h00 +00:00 Some web servers under Microsoft Windows allow remote attackers to bypass access restrictions for files with long file names.
5
CVE-1999-0386 1999-09-29 02h00 +00:00 Microsoft Personal Web Server and FrontPage Personal Web Server in some Windows systems allows a remote attacker to read files on the server by using a nonstandard URL.
5