← CVECheck
HomeVulnerabilities

CVE-1999-1233 — HIGH severity vulnerability (IIS 4.0 does not properly restrict access for the initial se)

IIS 4.0 does not properly restrict access for the initial session request from a user's IP address if the address does not resolve to a DNS domain, aka the "Domain Resolution" vulnerability.

CVE IDCVE-1999-1233
SeverityHIGH
CVSS score7.5
CVSS vectorAV:N/AC:L/Au:N/C:P/I:P/A:P
CWENVD-CWE-Other
StatusModified
Published1999-12-31
Last modified2026-04-16
DescriptionIIS 4.0 does not properly restrict access for the initial session request from a user's IP address if the address does not resolve to a DNS domain, aka the "Domain Resolution" vulnerability.
SourceNIST National Vulnerability Database

🔍 Search all vulnerabilities →