Search Results (28 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2002-0692 1 Microsoft 3 Frontpage Server Extensions, Windows 2000, Windows Xp 2026-04-16 N/A
Buffer overflow in SmartHTML Interpreter (shtml.dll) in Microsoft FrontPage Server Extensions (FPSE) 2000 and 2002 allows remote attackers to cause a denial of service (CPU consumption) or run arbitrary code, respectively, via a certain type of web file request.
CVE-1999-1052 1 Microsoft 1 Frontpage 2026-04-16 N/A
Microsoft FrontPage stores form results in a default location in /_private/form_results.txt, which is world-readable and accessible in the document root, which allows remote attackers to read possibly sensitive information submitted by other users.
CVE-2005-2143 1 Microsoft 1 Frontpage 2026-04-16 N/A
Microsoft Front Page allows attackers to cause a denial of service (crash) via a crafted style tag in a web page.
CVE-2000-0413 1 Microsoft 3 Frontpage, Internet Information Server, Internet Information Services 2026-04-16 N/A
The shtml.exe program in the FrontPage extensions package of IIS 4.0 and 5.0 allows remote attackers to determine the physical path of HTML, HTM, ASP, and SHTML files by requesting a file that does not exist, which generates an error message that reveals the path.
CVE-2000-0153 1 Microsoft 2 Frontpage, Personal Web Server 2026-04-16 N/A
FrontPage Personal Web Server (PWS) allows remote attackers to read files via a .... (dot dot) attack.
CVE-2001-0341 1 Microsoft 3 Frontpage Server Extensions, Windows 2000, Windows Nt 2026-04-16 N/A
Buffer overflow in Microsoft Visual Studio RAD Support sub-component of FrontPage Server Extensions allows remote attackers to execute arbitrary commands via a long registration request (URL) to fp30reg.dll.
CVE-2000-0122 1 Microsoft 1 Frontpage 2026-04-16 N/A
Frontpage Server Extensions allows remote attackers to determine the physical path of a virtual directory via a GET request to the htimage.exe CGI program.
CVE-2013-3137 1 Microsoft 1 Frontpage 2025-04-11 N/A
Microsoft FrontPage 2003 SP3 does not properly parse DTDs, which allows remote attackers to obtain sensitive information via crafted XML data in a FrontPage document, aka "XML Disclosure Vulnerability."