CVE-2017-7269

CRITICAL
2017-03-27 [email protected]
9.8
CVSS 3.1
Share

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

5
Analysis Generated
Mar 26, 2026 - 11:18 vuln.today
Patch Released
Oct 22, 2025 - 00:16 nvd
Patch available
PoC Detected
Oct 22, 2025 - 00:16 vuln.today
Public exploit code
Added to CISA KEV
Oct 22, 2025 - 00:16 cisa
CISA KEV
CVE Published
Mar 27, 2017 - 02:59 nvd
CRITICAL 9.8

Tags

Windows

Description

Buffer overflow in the ScStoragePathFromUrl function in the WebDAV service in Internet Information Services (IIS) 6.0 in Microsoft Windows Server 2003 R2 allows remote attackers to execute arbitrary code via a long header beginning with "If: <http://" in a PROPFIND request, as exploited in the wild in July or August 2016.

Analysis

Microsoft IIS 6.0 WebDAV service contains a buffer overflow in the ScStoragePathFromUrl function that allows unauthenticated remote code execution via crafted PROPFIND requests, exploited in the wild since mid-2016.

Technical Context

The CWE-120 buffer overflow in ScStoragePathFromUrl is triggered by an overly long header beginning with 'If: <http://' in a PROPFIND request. The overflow in the WebDAV URL parsing code allows attackers to overwrite the return address and execute shellcode with SYSTEM privileges.

Affected Products

['Microsoft IIS 6.0 on Windows Server 2003 R2']

Remediation

Migrate from Windows Server 2003/IIS 6.0 immediately (end-of-life since 2015). If migration is impossible, disable WebDAV. There is no official patch as the product is unsupported.

Priority Score

223
Low Medium High Critical
KEV: +50
EPSS: +94.4
CVSS: +49
POC: +20

Share

CVE-2017-7269 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy