CVE-2009-4445

Currently unrated

Key Information:

Vendor: Microsoft
Status: Internet Information Services
Vendor: CVE Published:; 29 December 2009

Summary

Microsoft Internet Information Services (IIS), when used in conjunction with unspecified third-party upload applications, allows remote attackers to create empty files with arbitrary extensions via a filename containing an initial extension followed by a : (colon) and a safe extension, as demonstrated by an upload of a .asp:.jpg file that results in creation of an empty .asp file, related to support for the NTFS Alternate Data Streams (ADS) filename syntax. NOTE: it could be argued that this is a vulnerability in the third-party product, not IIS, because the third-party product should be applying its extension restrictions to the portion of the filename before the colon.

References

http://securitytracker.com/id?1023387

vdb-entryx_refsource_SECTRACK

http://soroush.secproject.com/downloadable/iis-semicolon-...

x_refsource_MISC

https://exchange.xforce.ibmcloud.com/vulnerabilities/55308

vdb-entryx_refsource_XF

Timeline

Vulnerability published
Dec 29, 2009
Vulnerability Reserved
Dec 29, 2009

Collectors

NVD DatabaseMitre Database