CVE-2006-3652

Опубликовано: 18 июл. 2006

Источник: nvd

CVSS2: 7.5

EPSS Средний

Описание

Microsoft Internet Security and Acceleration (ISA) Server 2004 allows remote attackers to bypass file extension filters via a request with a trailing "#" character. NOTE: as of 20060715, this could not be reproduced by third parties.

Ссылки

http://securitytracker.com/id?1016506
http://www.securityfocus.com/archive/1/440105/100/0/threaded
http://www.securityfocus.com/archive/1/440247/100/0/threaded
http://www.securityfocus.com/archive/1/440299/100/0/threaded
http://www.securityfocus.com/archive/1/440446/100/0/threaded
http://www.securityfocus.com/archive/1/440558/100/0/threaded
http://www.securityfocus.com/bid/18994
http://securitytracker.com/id?1016506
http://www.securityfocus.com/archive/1/440105/100/0/threaded
http://www.securityfocus.com/archive/1/440247/100/0/threaded
http://www.securityfocus.com/archive/1/440299/100/0/threaded
http://www.securityfocus.com/archive/1/440446/100/0/threaded
http://www.securityfocus.com/archive/1/440558/100/0/threaded
http://www.securityfocus.com/bid/18994

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:microsoft:isa_server:2004:*:*:*:*:*:*:*

EPSS

Процентиль: 95%

0.19995

Средний

7.5 High

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-4vcc-6pw6-88rm

github

почти 4 года назад