CVE-2008-4301

Currently unrated

Key Information:

Vendor: Microsoft
Status: Internet Information Services
Vendor: CVE Published:; 29 September 2008

Summary

A certain ActiveX control in iisext.dll in Microsoft Internet Information Services (IIS) allows remote attackers to set a password via a string argument to the SetPassword method. NOTE: this issue could not be reproduced by a reliable third party. In addition, the original researcher is unreliable. Therefore the original disclosure is probably erroneous

References

http://www.securityfocus.com/archive/1/496694/100/0/threaded

mailing-listx_refsource_BUGTRAQ

http://www.attrition.org/pipermail/vim/2008-October/00208...

mailing-listx_refsource_VIM

https://exchange.xforce.ibmcloud.com/vulnerabilities/45587

vdb-entryx_refsource_XF

EPSS Score

0% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Sep 29, 2008
Vulnerability Reserved
Sep 29, 2008

Collectors

NVD DatabaseMitre Database