Privilege Escalation Vulnerability in Microsoft Internet Information Services by Microsoft
CVE-2008-0074

Currently unrated

Key Information:

Vendor: Microsoft
Status: Internet Information Server; Internet Information Services
Vendor: CVE Published:; 12 February 2008

What is CVE-2008-0074?

This vulnerability in Microsoft Internet Information Services (IIS) versions 5.0 through 7.0 enables local users to escalate their privileges. The flaw is associated with the handling of file change notifications in critical folders such as TPRoot, NNTPFile\Root, and WWWRoot. By exploiting this vulnerability, unauthorized users could manipulate configurations or access protected resources, potentially compromising the integrity and security of the server environment.

References

http://www.vupen.com/english/advisories/2008/0507/references

vdb-entryx_refsource_VUPEN

https://oval.cisecurity.org/repository/search/definition/...

vdb-entrysignaturex_refsource_OVAL

http://www.securitytracker.com/id?1019384

vdb-entryx_refsource_SECTRACK

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 12, 2008
Vulnerability Reserved
Jan 3, 2008