VDB

CNVD-2015-02422

CNVD-2015-02422 PUBLISHED CVSS 9.800000190734863 CRITICAL

Microsoft IIS(Internet Information Server的缩写),是微软开发的网页服务器程序。 Microsoft IIS存在远程代码执行漏洞,该漏洞存在于HTTP协议堆栈(HTTP.sys)中,漏洞产生的原因是HTTP.sys未能正确分析经特殊设计的HTTP请求。允许攻击者利用漏洞在系统帐户的上下文中执行任意代码。

Risk Scores

CVSS 3.1
9.800000190734863
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected Products

VendorProductVersions
n/an/an/a

Timeline

  • Apr 14, 2015 CVE Published
  • May 14, 2016 PoC Published
  • Nov 23, 2016 PoC Published
  • May 29, 2018 PoC Published
  • Jun 14, 2023 PoC Published
  • Dec 24, 2024 PoC Published
  • Feb 6, 2025 PoC Published
  • Feb 23, 2025 PoC Published
  • Feb 23, 2025 PoC Published
  • Feb 2, 2026 PoC Published
Open in Interactive Console →
$ Console Community · 100/wk Open console ›