Кибэр банк буюу ХААН БАНК Security vulnerability CVE-2010-2730 CVE-2010-3972 detected
Кибэр банк буюу Хаан банк Microsoft-IIS/7.5 ашиглаж вэбээ хийсэн бөгөөд тус IIS 7.5 хувилбарт http://www.exploit-db.com/exploits/15803/ мөн CVE-2010-2730 илэрж байна.
\
About : Buffer overflow in Microsoft Internet Information Services (IIS) 7.5, when FastCGI is enabled, allows remote attackers to execute arbitrary code via crafted headers in a request, aka "Request Header Buffer Overflow Vulnerability."
\
About : Buffer overflow in Microsoft Internet Information Services (IIS) 7.5, when FastCGI is enabled, allows remote attackers to execute arbitrary code via crafted headers in a request, aka "Request Header Buffer Overflow Vulnerability."
- CVSS Scores & Vulnerability Types
| CVSS Score |
9.3
|
|---|---|
| Confidentiality Impact | Complete (There is total information disclosure, resulting in all system files being revealed.) |
| Integrity Impact | Complete (There is a total compromise of system integrity. There is a complete loss of system protection, resulting in the entire system being compromised.) |
| Availability Impact | Complete (There is a total shutdown of the affected resource. The attacker can render the resource completely unavailable.) |
| Access Complexity | Medium (The access conditions are somewhat specialized. Some preconditions must be satistified to exploit) |
| Authentication | Not required (Authentication is not required to exploit the vulnerability.) |
| Gained Access | None |
| Vulnerability Type(s) | Execute CodeOverflow |
| CWE ID | 119 |
+ Related OVAL Definitions
- Products Affected By CVE-2010-2730
| # | Product Type | Vendor | Product | Version | Update | Edition | Language | |
|---|---|---|---|---|---|---|---|---|
| 1 | Application | Microsoft | IIS | 7.5 | Version Details Vulnerabilities |
- Number Of Affected Versions By Product
| Vendor | Product | Vulnerable Versions |
|---|---|---|
| Microsoft | IIS | 1 |
No comments:
Post a Comment