CVE-2009-4445

EPSS 10.06%
Veröffentlicht 29.12.2009 21:00:24
Zuletzt bearbeitet 09.04.2025 00:30:58
Quelle cve@mitre.org
Teams Watchlist Login
Unerledigt Login

Microsoft Internet Information Services (IIS), when used in conjunction with unspecified third-party upload applications, allows remote attackers to create empty files with arbitrary extensions via a filename containing an initial extension followed by a : (colon) and a safe extension, as demonstrated by an upload of a .asp:.jpg file that results in creation of an empty .asp file, related to support for the NTFS Alternate Data Streams (ADS) filename syntax.  NOTE: it could be argued that this is a vulnerability in the third-party product, not IIS, because the third-party product should be applying its extension restrictions to the portion of the filename before the colon.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 6

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Microsoft ≫ Internet Information Services Version <= 6.0

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	10.06%	0.928

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	6	6.8	6.4	AV:N/AC:M/Au:S/C:P/I:P/A:P

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

http://securitytracker.com/id?1023387

Third Party Advisory

VDB Entry

http://soroush.secproject.com/downloadable/iis-semicolon-report.pdf

Third Party Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/55308

https://nvd.nist.gov/vuln/detail/CVE-2009-4445

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2009-4445

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2009-4445

EUVD