Most Exploitable CVEs of 1999


The Apache web server for Win32 may provide access to restricted files when a . (dot) is appended to a requested URL.
over 21 years ago


OpenSSL and SSLeay allow remote attackers to reuse SSL sessions and bypass access controls.
almost 22 years ago


A default configuration of Apache on Debian GNU/Linux sets the ServerRoot to /usr/doc, which allows remote users to read documentation files for the entire server.
about 22 years ago


IIS 2.0 and 3.0 allows remote attackers to read the source code for ASP pages by appending a . (dot) to the end of the URL.
about 21 years ago


The KDE klock program allows local users to unlock a session using malformed input.
over 21 years ago


In IIS and other web servers, an attacker can attack commands as SYSTEM if the server is running as SYSTEM and loading an ISAPI extension.
about 22 years ago


In IIS, an attacker could determine a real path using a request for a non-existent URL that would be interpreted by Perl (perl.exe).
about 22 years ago