Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-1999-0910


Vulnerability Score 5.0 5.0
CVE Id CVE-1999-0910
Last Modified 09 Sep 2008 08:36:09
Published 10 Sep 1999 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE



Microsoft Site Server and Commercial Internet System (MCIS) do not set an expiration for a cookie, which could then be cached by a proxy and inadvertently used by a different user.

Vulnerable Systems


  • Microsoft Commercial Internet System 2.0

  • Microsoft Commercial Internet System 2.5

  • Microsoft Site Server 3.0

  • Microsoft Site Server Commerce 3.0


MS - MS99-035

BID - 625

Last Updated: 27 May 2016 10:35:11