CVE-2006-6579

Currently unrated

Key Information:

Vendor: Microsoft
Status: Internet Information Server; Internet Information Services
Vendor: CVE Published:; 15 December 2006

Summary

Microsoft Windows XP has weak permissions (FILE_WRITE_DATA and FILE_READ_DATA for Everyone) for %WINDIR%\pchealth\ERRORREP\QHEADLES, which allows local users to write and read files in this folder, as demonstrated by an ASP shell that has write access by IWAM_machine and read access by IUSR_Machine.

References

http://www.securityfocus.com/archive/1/454268/100/0/threaded

mailing-listx_refsource_BUGTRAQ

EPSS Score

0% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Dec 15, 2006
Vulnerability Reserved
Dec 15, 2006

Collectors

NVD DatabaseMitre Database