Lucene search

PRIOn knowledge basePRION:CVE-2008-4301

HistorySep 29, 2008 - 5:17 p.m.

Design/Logic Flaw

2008-09-2917:17:00

PRIOn knowledge base

www.prio-n.com

6.8 Medium

AI Score

Confidence

High

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.005 Low

EPSS

Percentile

77.0%

JSON

A certain ActiveX control in iisext.dll in Microsoft Internet Information Services (IIS) allows remote attackers to set a password via a string argument to the SetPassword method. NOTE: this issue could not be reproduced by a reliable third party. In addition, the original researcher is unreliable. Therefore the original disclosure is probably erroneous

References

www.attrition.org/pipermail/vim/2008-October/002081.html

www.securityfocus.com/archive/1/496694/100/0/threaded

exchange.xforce.ibmcloud.com/vulnerabilities/45587

6.8 Medium

AI Score

Confidence

High

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.005 Low

EPSS

Percentile

77.0%

JSON

Related for PRION:CVE-2008-4301

cve1