Microsoft » Internet Information Server : Security Vulnerabilities, CVEs, Published In 2009 (Code Execution)

CVE-2009-3023

Public exploit
Buffer overflow in the FTP Service in Microsoft Internet Information Services (IIS) 5.0 through 6.0 allows remote authenticated users to execute arbitrary code via a crafted NLST (NAME LIST) command that uses wildcards, leading to memory corruption, aka "IIS FTP Service RCE and DoS Vulnerability."
Max CVSS
9.0
EPSS Score
96.97%
Published
2009-08-31
Updated
2021-02-05
1 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close