Threat Landscape Dashboard

Assessing today's threats and the relationships between them


Buffer overflow in the ScStoragePathFromUrl function in the WebDAV service in Internet Information Services (IIS) 6.0 in Microsoft Windows Server 2003 R2 allows remote attackers to execute arbitrary code via a long header beginning with "If: <http://" in a PROPFIND request. It was discovered in September 2017 that threat actors were exploiting the flaw to mine the Monero cryptocurrency.
Name Modified Date Sources
CVE-2017-7269 2017-11-30