Heap-based buffer overflow in the TELNET_STREAM_CONTEXT::OnSendData function in ftpsvc.dll in Microsoft FTP Service 7.0 and 7.5 for Internet Information Services (IIS) 7.0, and IIS 7.5, allows remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via a crafted FTP command, aka "IIS FTP Service Heap Buffer Overrun Vulnerability." NOTE: some of these details are obtained from third party information.
Published 2010-12-23 18:00:03
Updated 2021-02-05 15:37:21
View at NVD,   CVE.org
Vulnerability category: OverflowExecute codeDenial of service

Threat overview for CVE-2010-3972

Top countries where our scanners detected CVE-2010-3972
Top open port discovered on systems with this issue 80
IPs affected by CVE-2010-3972 981,671
Threat actors abusing to this issue? Yes
Find out if you* are affected by CVE-2010-3972!
*Directly or indirectly through your vendors, service providers and 3rd parties. Powered by attack surface intelligence from SecurityScorecard.

Exploit prediction scoring system (EPSS) score for CVE-2010-3972

96.99%
Probability of exploitation activity in the next 30 days EPSS Score History
~ 100 %
Percentile, the proportion of vulnerabilities that are scored at or less

Metasploit modules for CVE-2010-3972

  • Microsoft IIS FTP Server Encoded Response Overflow Trigger
    Disclosure Date: 2010-12-21
    First seen: 2020-04-26
    auxiliary/dos/windows/ftp/iis75_ftpd_iac_bof
    This module triggers a heap overflow when processing a specially crafted FTP request containing Telnet IAC (0xff) bytes. When constructing the response, the Microsoft IIS FTP Service overflows the heap buffer with 0xff bytes. This issue can be triggered pre-auth a

CVSS scores for CVE-2010-3972

Base Score Base Severity CVSS Vector Exploitability Score Impact Score Score Source First Seen
10.0
HIGH AV:N/AC:L/Au:N/C:C/I:C/A:C
10.0
10.0
NIST

CWE ids for CVE-2010-3972

References for CVE-2010-3972

Products affected by CVE-2010-3972

This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!