Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-1999-0412


Vulnerability Score 7.5 7.5
CVE Id CVE-1999-0412
Last Modified 09 Sep 2008 08:34:30
Published 19 Feb 1999 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE



In IIS and other web servers, an attacker can attack commands as SYSTEM if the server is running as SYSTEM and loading an ISAPI extension.

Vulnerable Systems


  • Microsoft Internet Information Server 2.0

  • Microsoft Internet Information Server 3.0

  • Microsoft Internet Information Server 4.0


BID - 501

Last Updated: 27 May 2016 10:34:58