VDB
CNVD-2015-02422
CNVD-2015-02422
PUBLISHED
CVSS 9.800000190734863 CRITICAL
Microsoft IIS(Internet Information Server的缩写),是微软开发的网页服务器程序。 Microsoft IIS存在远程代码执行漏洞,该漏洞存在于HTTP协议堆栈(HTTP.sys)中,漏洞产生的原因是HTTP.sys未能正确分析经特殊设计的HTTP请求。允许攻击者利用漏洞在系统帐户的上下文中执行任意代码。
Risk Scores
CVSS 3.1
9.800000190734863
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | n/a |
Timeline
- Apr 14, 2015 CVE Published
- May 14, 2016 PoC Published
- Nov 23, 2016 PoC Published
- May 29, 2018 PoC Published
- Jun 14, 2023 PoC Published
- Dec 24, 2024 PoC Published
- Feb 6, 2025 PoC Published
- Feb 23, 2025 PoC Published
- Feb 23, 2025 PoC Published
- Feb 2, 2026 PoC Published