CyberSec.Space Logo
返回 CVE 浏览器

CVE-2008-0075

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0860%
EPSS Percentile18.86th
Published2008年2月12日
Last Modified2026年4月23日

Vulnerability Description

Unspecified vulnerability in Microsoft Internet Information Services (IIS) 5.1 through 6.0 allows remote attackers to execute arbitrary code via crafted inputs to ASP pages.

Affected Platforms (CPE)

📦
Microsoft

Internet Information Server

= 6.0
📦
Microsoft

Internet Information Server

= 6.0

References & Advisories

🔗 http://marc.info/?l=bugtraq&m=120361015026386&w=2
🔗 http://secunia.com/advisories/28893
🔗 http://www.securityfocus.com/bid/27676
🔗 http://www.securitytracker.com/id?1019385
🔗 http://www.us-cert.gov/cas/techalerts/TA08-043C.html
🔗 http://www.vupen.com/english/advisories/2008/0508/references
🔗 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-006
🔗 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5308

相关漏洞威胁

CVE-2007-281510.0

The "hit-highlighting" functionality in webhits.dll in Microsoft Internet Information Services (IIS) Web Server 5.0 only uses Wind...

CVE-2011-065410.0

Integer underflow in the BowserWriteErrorLogEntry function in the Common Internet File System (CIFS) browser service in Mrxsmb.sys...

CVE-2003-022410.0

Buffer overflow in ssinc.dll for Microsoft Internet Information Services (IIS) 5.0 allows local users to execute arbitrary code vi...

CVE-2019-129289.8

The QMP migrate command in QEMU version 4.0.0 and earlier is vulnerable to OS command injection, which allows the remote attacker ...