CVE-2008-0074

high Microsoft
CVSS v3 Base Score
7.2
AV:L/AC:L/Au:N/C:C/I:C/A:C
EPSS Score
1.6%
Exploitation probability in 30 days
Top 18% most likely to be exploited
Attack Characteristics
Attack Vector
Local
Attack Complexity
Low
Confidentiality
C
Integrity
C
Availability
C
Published: February 12, 2008 (6665 days ago)
Last Modified: April 23, 2026
Vendor: Microsoft
Source: NVD

Description

Unspecified vulnerability in Microsoft Internet Information Services (IIS) 5.0 through 7.0 allows local users to gain privileges via unknown vectors related to file change notifications in the TPRoot, NNTPFile\Root, or WWWRoot folders.

CWE

CWE-264

Affected Products

microsoft internet information servermicrosoft internet information services

References

🔗 marc.info 🔗 secunia.com 🔗 www.securityfocus.com 🔗 www.securitytracker.com 🔗 www.us-cert.gov