Test ID:	1.3.6.1.4.1.25623.1.0.811206
Category:	Windows : Microsoft Bulletins
Title:	Microsoft Windows 'WebDAV' Remote Code Execution Vulnerability (KB3197835)
Summary:	This host is missing a critical security; update according to Microsoft KB3197835.
Description:	Summary: This host is missing a critical security update according to Microsoft KB3197835. Vulnerability Insight: The flaw exists due to an error in IIS when WebDAV improperly handles objects in memory. Vulnerability Impact: Successful exploitation will allow an attacker to execute arbitrary code in the context of current user. Affected Software/OS: - Microsoft Windows XP SP2 x64 - Microsoft Windows XP SP3 x86 - Microsoft Windows 2003 x32/x64 Edition Service Pack 2 and prior Solution: The vendor has released updates. Please see the references for more information. CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2017-7269 BugTraq ID: 97127 http://www.securityfocus.com/bid/97127 https://www.exploit-db.com/exploits/41738/ https://www.exploit-db.com/exploits/41992/ https://0patch.blogspot.com/2017/03/0patching-immortal-cve-2017-7269.html https://github.com/danigargu/explodingcan https://github.com/edwardz246003/IIS_exploit https://github.com/rapid7/metasploit-framework/pull/8162 https://medium.com/@iraklis/number-of-internet-facing-vulnerable-iis-6-0-to-cve-2017-7269-8bd153ef5812 http://www.securitytracker.com/id/1038168
Copyright	Copyright (C) 2017 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.