Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2007-2897
HistoryMay 30, 2007 - 10:30 a.m.

CVE-2007-2897

2007-05-3010:30:00
[email protected]
web.nvd.nist.gov
1

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.7 High

AI Score

Confidence

High

0.867 High

EPSS

Percentile

98.6%

JSON

Microsoft Internet Information Services (IIS) 6.0 allows remote attackers to cause a denial of service (server instability or device hang), and possibly obtain sensitive information (device communication traffic); and might allow attackers with physical access to execute arbitrary code after connecting a data stream to a device COM port; via requests for a URI containing a ‘/’ immediately before and after the name of a DOS device, as demonstrated by the /AUX/.aspx URI, which bypasses a blacklist for DOS device requests.

Affected configurations

NVD
Node
microsoftinternet_information_serverMatch6.0

Related

seebug 1
nessus 2
cvelist 1
prion 1
cve 1
seebug
seebug
Microsoft IIS 6.0 DOS设备请求安全限制绕过漏洞
2012-02-01 00:00:00
nessus
nessus
Microsoft ASP.NET MS-DOS Device Name DoS (PCI-DSS check)
2013-02-13 00:00:00
Microsoft ASP.NET MS-DOS Device Name DoS
2013-02-13 00:00:00
cvelist
cvelist
CVE-2007-2897
2007-05-30 10:00:00
prion
prion
Code injection
2007-05-30 10:30:00
cve
cve
CVE-2007-2897
2007-05-30 10:30:00

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.7 High

AI Score

Confidence

High

0.867 High

EPSS

Percentile

98.6%

JSON
Related for NVD:CVE-2007-2897
seebug1nessus2cvelist1prion1cve1