KLA10610
Security bypass vulnerability in Microsoft IIS
Обновлено: 17/06/2019
Дата обнаружения
11/11/2014
Уровень угрозы
Warning
Описание

Improper wildcard processing was found in Microsoft IIS. By exploiting this vulnerability malicious users can bypass intended rules. This vulnerability can be exploited remotely via a specially designed HTTP request.

Пораженные продукты

Microsoft Internet Information Services 8.0 and 8.5

Решение

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Первичный источник обнаружения
CVE-2014-4078
Оказываемое влияние
?
ACE 
[?]

OSI 
[?]

SB 
[?]

PE 
[?]
Связанные продукты
Microsoft Internet Information Services
CVE-IDS
Microsoft official advisories
Microsoft Security Update Guide
KB list

2982998