Threat Landscape Dashboard

Assessing today's threats and the relationships between them

CVE-2017-7269

7.07
9.33
Description:

Buffer overflow in the ScStoragePathFromUrl function in the WebDAV service in Internet Information Services (IIS) 6.0 in Microsoft Windows Server 2003 R2 allows remote attackers to execute arbitrary code via a long header beginning with "If: <http://" in a PROPFIND request. It was discovered in September 2017 that threat actors were exploiting the flaw to mine the Monero cryptocurrency.

Modified Date:

2017-10-11

 Back to top Share This