Lucene search

K
kasperskyKaspersky LabKLA10392
HistoryApr 16, 2009 - 12:00 a.m.

KLA10392 ACE vulnerability in Microsoft Intelligent Application Gateway

2009-04-1600:00:00
Kaspersky Lab
threats.kaspersky.com
30

7.5 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.957 High

EPSS

Percentile

99.4%

An unspecified vulnerability was found in Microsoft IAG. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via specially designed arguments.

Original advisories

Related products

Microsoft-Intelligent-Application-Gateway

CVE list

CVE-2007-2238 critical

Solution

Update to latest version

Impacts

  • ACE

Arbitrary code execution. Exploitation of vulnerabilities with this impact can lead to executing by abuser any code or commands at vulnerable machine or process.

Affected Products

  • Microsoft Intelligent Application Gateway versions 3.7 SP1 and earlier

7.5 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.957 High

EPSS

Percentile

99.4%