CVE-2008-0075

CWE-94 — Code Injection3 documents3 sources

Severity

10.0CRITICAL

EPSS

68.6%

top 1.38%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Microsoft Internet Information Server

Timeline

PublishedFeb 12

Latest updateMay 1

Description

Unspecified vulnerability in Microsoft Internet Information Services (IIS) 5.1 through 6.0 allows remote attackers to execute arbitrary code via crafted inputs to ASP pages.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages1 packages

▶NVDmicrosoft/internet_information_server6.0

🔴Vulnerability Details

GHSA

GHSA-chvq-2x4v-3vgh: Unspecified vulnerability in Microsoft Internet Information Services (IIS) 5↗2022-05-01

▶

CVEList

CVE-2008-0075: Unspecified vulnerability in Microsoft Internet Information Services (IIS) 5↗2008-02-12

▶