Summary

Netsparker identified a Remote Code Execution and DoS in HTTP.sys (IIS) (CVE-2015-1635) in the target web server.

The vulnerability allows attackers to execute arbitrary commands on the target system.

Impact

An attacker can execute arbitrary commands on the system.

Remediation
Upgrade your system by following these instructions.
Classifications
PCI v3.1-6.5.1, PCI v3.2-6.5.1, CAPEC-340, WASC-7, OWASP 2013-A1 , CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H/RL:W/RC:C
Vulnerability Index

Vulnerability Index

You can search and find all vulnerabilities

Search Category

OR

Search Vulnerability