CyberSec.Space Logo
Back to CVE Browser

CVE-2008-0075

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0860%
EPSS Percentile18.86th
PublishedFeb 12, 2008
Last ModifiedApr 23, 2026

Vulnerability Description

Unspecified vulnerability in Microsoft Internet Information Services (IIS) 5.1 through 6.0 allows remote attackers to execute arbitrary code via crafted inputs to ASP pages.

Affected Platforms (CPE)

πŸ“¦
Microsoft

Internet Information Server

= 6.0
πŸ“¦
Microsoft

Internet Information Server

= 6.0

References & Advisories

πŸ”— http://marc.info/?l=bugtraq&m=120361015026386&w=2
πŸ”— http://secunia.com/advisories/28893
πŸ”— http://www.securityfocus.com/bid/27676
πŸ”— http://www.securitytracker.com/id?1019385
πŸ”— http://www.us-cert.gov/cas/techalerts/TA08-043C.html
πŸ”— http://www.vupen.com/english/advisories/2008/0508/references
πŸ”— https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-006
πŸ”— https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5308

Related Vulnerabilities

CVE-2007-281510.0

The "hit-highlighting" functionality in webhits.dll in Microsoft Internet Information Services (IIS) Web Server 5.0 only uses Wind...

CVE-2011-065410.0

Integer underflow in the BowserWriteErrorLogEntry function in the Common Internet File System (CIFS) browser service in Mrxsmb.sys...

CVE-2003-022410.0

Buffer overflow in ssinc.dll for Microsoft Internet Information Services (IIS) 5.0 allows local users to execute arbitrary code vi...

CVE-2019-129289.8

The QMP migrate command in QEMU version 4.0.0 and earlier is vulnerable to OS command injection, which allows the remote attacker ...