Buffer overflow in the ScStoragePathFromUrl function in the WebDAV service in Internet Information Services (IIS) 6.0 in Microsoft Windows Server 2003 R2 allows remote attackers to execute arbitrary code via a long header beginning with βIf: <http://β in a PROPFIND request, as exploited in the wild in July or August 2016.
7.7 High
AI Score
Confidence
0.971 High
EPSS
Percentile
99.8%