Lucene search

K
cveMicrosoftCVE-2008-0074
HistoryFeb 12, 2008 - 9:00 p.m.

CVE-2008-0074

2008-02-1221:00:00
CWE-264
microsoft
web.nvd.nist.gov
162
cve-2008-0074
microsoft
iis
vulnerability
local users
privileges
file change notifications

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

AI Score

6.2

Confidence

Low

EPSS

0

Percentile

9.5%

Unspecified vulnerability in Microsoft Internet Information Services (IIS) 5.0 through 7.0 allows local users to gain privileges via unknown vectors related to file change notifications in the TPRoot, NNTPFile\Root, or WWWRoot folders.

Affected configurations

Nvd
Node
microsoftinternet_information_serverMatch6.0
OR
microsoftinternet_information_serverMatch6.0beta
OR
microsoftinternet_information_servicesMatch5.0
VendorProductVersionCPE
microsoftinternet_information_server6.0cpe:/a:microsoft:internet_information_server:6.0:::
microsoftinternet_information_services5.0cpe:/a:microsoft:internet_information_services:5.0:::
microsoftinternet_information_server6.0cpe:/a:microsoft:internet_information_server:6.0:beta::

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

AI Score

6.2

Confidence

Low

EPSS

0

Percentile

9.5%