cpe:/a:microsoft:commercial_internet_system:2.0 cpe:/a:microsoft:commercial_internet_system:2.5 cpe:/a:microsoft:site_server:3.0 cpe:/a:microsoft:site_server_commerce:3.0:alpha CVE-1999-0910 1999-09-10T00:00:00.000-04:00 2008-09-09T08:36:09.507-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 BID 625 MS MS99-035 Microsoft Site Server and Commercial Internet System (MCIS) do not set an expiration for a cookie, which could then be cached by a proxy and inadvertently used by a different user.