CVE-1999-0681 : Detail

The EPSS model produces a probability score between 0 and 1 (0 and 100%). The higher the score, the greater the probability that a vulnerability will be exploited.

Date	EPSS V0	EPSS V1	EPSS V2 (> 2022-02-04)	EPSS V3 (> 2025-03-07)	EPSS V4 (> 2025-03-17)
2022-02-06	–	–	21%	–	–
2022-04-03	–	–	21%	–	–
2023-02-26	–	–	21%	–	–
2023-03-12	–	–	–	2.6%	–
2023-04-09	–	–	–	2.23%	–
2024-02-11	–	–	–	2.23%	–
2024-06-02	–	–	–	2.23%	–
2024-12-22	–	–	–	2%	–
2025-01-19	–	–	–	2%	–
2025-03-18	–	–	–	–	11.66%
2025-03-30	–	–	–	–	11.5%
2025-03-30	–	–	–	–	11.5,%

The percentile is used to rank CVE according to their EPSS score. For example, a CVE in the 95th percentile according to its EPSS score is more likely to be exploited than 95% of other CVE. Thus, the percentile is used to compare the EPSS score of a CVE with that of other CVE.

Date	Percentile
2022-02-06	94%
2022-04-03	96%
2023-02-26	97%
2023-03-12	89%
2023-04-09	88%
2024-02-11	89%
2024-06-02	9%
2024-12-22	96%
2025-01-19	96%
2025-03-18	93%
2025-03-30	93%
2025-03-30	93%

source: https://www.securityfocus.com/bid/568/info A 'GET' request for a URL longer than 166 characters will overflow a buffer and cause the web server to crash with the following or similar error message: VHTTPD32 caused an invalid page fault in module VHTTPD32.EXE at 0137:0040aaed. Registers: EAX=010d7740 CS=0137 EIP=0040aaed EFLGS=00010202 EBX=00000000 SS=013f ESP=010d53d0 EBP=010d0074 ECX=010d7740 DS=013f ESI=010d7740 FS=13c7 EDX=000000a8 ES=013f EDI=bff92ac1 GS=0000 Bytes at CS:EIP: ff 75 10 56 68 94 01 00 00 eb 1c 68 00 24 40 00 Stack dump: 00000010 010d7740 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/19445.zip