CVE-2007-0087

EPSS 42.16%
Veröffentlicht 05.01.2007 18:28:00
Zuletzt bearbeitet 09.04.2025 00:30:58
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

Microsoft Internet Information Services (IIS), when accessed through a TCP connection with a large window size, allows remote attackers to cause a denial of service (network bandwidth consumption) via a Range header that specifies multiple copies of the same fragment.  NOTE: the severity of this issue has been disputed by third parties, who state that the large window size required by the attack is not normally supported or configured by the server, or that a DDoS-style attack would accomplish the same goal

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 8

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Microsoft ≫ Internet Information Server

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	42.16%	0.974

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.8	10	6.9	AV:N/AC:L/Au:N/C:N/I:N/A:C

http://www.securityfocus.com/archive/1/455833/100/0/threaded

http://www.securityfocus.com/archive/1/455879/100/0/threaded

http://www.securityfocus.com/archive/1/455882/100/0/threaded

http://www.securityfocus.com/archive/1/455920/100/0/threaded

http://osvdb.org/33457

https://nvd.nist.gov/vuln/detail/CVE-2007-0087

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2007-0087

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2007-0087

EUVD