Vulnerability Details CVE-2006-6579
Microsoft Windows XP has weak permissions (FILE_WRITE_DATA and FILE_READ_DATA for Everyone) for %WINDIR%\pchealth\ERRORREP\QHEADLES, which allows local users to write and read files in this folder, as demonstrated by an ASP shell that has write access by IWAM_machine and read access by IUSR_Machine.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 40.6%
CVSS Severity
CVSS v2 Score 4.4
References
Products affected by CVE-2006-6579
-
cpe:2.3:a:microsoft:internet_information_server:-
-
cpe:2.3:a:microsoft:internet_information_server:1.0
-
cpe:2.3:a:microsoft:internet_information_server:2.0
-
cpe:2.3:a:microsoft:internet_information_server:3.0
-
cpe:2.3:a:microsoft:internet_information_server:4.0
-
cpe:2.3:a:microsoft:internet_information_server:5.0
-
cpe:2.3:a:microsoft:internet_information_services:1.0
-
cpe:2.3:a:microsoft:internet_information_services:2.0