CVE-2006-3652

Currently unrated

Key Information:

Vendor: Microsoft
Status: Isa Server
Vendor: CVE Published:; 18 July 2006

Summary

Microsoft Internet Security and Acceleration (ISA) Server 2004 allows remote attackers to bypass file extension filters via a request with a trailing "#" character. NOTE: as of 20060715, this could not be reproduced by third parties.

References

http://www.securityfocus.com/archive/1/440446/100/0/threaded

mailing-listx_refsource_BUGTRAQ

http://www.securityfocus.com/archive/1/440558/100/0/threaded

mailing-listx_refsource_BUGTRAQ

http://www.securityfocus.com/bid/18994

vdb-entryx_refsource_BID

EPSS Score

1% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Jul 18, 2006
Vulnerability Reserved
Jul 17, 2006

Collectors

NVD DatabaseMitre Database