KLA10610
Security bypass vulnerability in Microsoft IIS
Updated: 06/01/2019
Detect date
?
11/11/2014
Severity
?
Warning
Description

Improper wildcard processing was found in Microsoft IIS. By exploiting this vulnerability malicious users can bypass intended rules. This vulnerability can be exploited remotely via a specially designed HTTP request.

Affected products

Microsoft Internet Information Services 8.0 and 8.5

Solution

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Original advisories

CVE-2014-4078

Impacts
?
ACE 
[?]

OSI 
[?]

SB 
[?]

PE 
[?]
Related products
Microsoft Internet Information Services
CVE-IDS
?
Microsoft official advisories
Microsoft Security Update Guide
KB list

2982998