Vulnerability Details : CVE-2006-0026
Buffer overflow in Microsoft Internet Information Services (IIS) 5.0, 5.1, and 6.0 allows local and possibly remote attackers to execute arbitrary code via crafted Active Server Pages (ASP).
Vulnerability category: OverflowExecute code
Products affected by CVE-2006-0026
- cpe:2.3:a:microsoft:internet_information_server:6.0:*:*:*:*:*:*:*
- cpe:2.3:a:microsoft:internet_information_services:5.0:*:*:*:*:*:*:*
Threat overview for CVE-2006-0026
Top countries where our scanners detected CVE-2006-0026
Top open port discovered on systems with this issue
80
IPs affected by CVE-2006-0026 108,798
Threat actors abusing to this issue?
Yes
Find out if you* are
affected by CVE-2006-0026!
*Directly or indirectly through your vendors, service providers and 3rd parties.
Powered by
attack surface intelligence
from SecurityScorecard.
Exploit prediction scoring system (EPSS) score for CVE-2006-0026
96.30%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 99 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2006-0026
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
6.5
|
MEDIUM | AV:N/AC:L/Au:S/C:P/I:P/A:P |
8.0
|
6.4
|
NIST |
References for CVE-2006-0026
-
http://www.vupen.com/english/advisories/2006/2752
-
http://securitytracker.com/id?1016466
Patch
-
http://www.kb.cert.org/vuls/id/395588
Patch;US Government Resource
-
http://archives.neohapsis.com/archives/bugtraq/2006-07/0316.html
-
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A435
-
http://www.us-cert.gov/cas/techalerts/TA06-192A.html
US Government Resource
-
http://www.securityfocus.com/bid/18858
Patch
-
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-034
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/26796
Jump to