Is CVE-1999-0910 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Microsoft Commercial_internet_system

CVE-1999-0910

Microsoft Site Server and Commercial Internet System (MCIS) do not set an expiration for a cookie, which could then be cached by a proxy and inadvertently used by a different user.

EPSS: 0.058 (92.1th percentile) — read the EPSS interpretation.

Affected products

Microsoft Commercial_internet_system — versions 2.0, 2.5
Microsoft Site_server — versions 3.0
Microsoft Site_server_commerce — versions 3.0
N/a — versions n/a

Public proof-of-concept exploits

ARPSyndicate/cve-scores

References

cve@mitre.org (x_refsource_MS, vendor-advisory)
cve@mitre.org (vdb-entry, x_refsource_BID)

Frequently asked questions

What is CVE-1999-0910?: CVE-1999-0910 is a vulnerability in Microsoft Commercial_internet_system. Published 1999-09-10.
Is CVE-1999-0910 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.