PT-2007-7338 · Microsoft+1 · Iis+1
Published
2007-12-20
·
Updated
2018-10-15
·
CVE-2007-6504
CVSS v2.0
5.5
Medium
| Vector | AV:N/AC:L/Au:S/C:P/I:P/A:N |
Name of the Vulnerable Software and Affected Versions
Hosting Controller versions prior to 6.1 Hot fix 3.3
Description
The issue allows remote authenticated users to modify the headers of arbitrary hosts. This is achieved by manipulating an unspecified parameter in the iibind.asp file of IIS.
Recommendations
For versions prior to 6.1 Hot fix 3.3, update to a version later than 6.1 Hot fix 3.3 to resolve the issue.
Exploit
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Hosting Controller
Iis