(MS12-073) Vulnerabilities in Microsoft Internet Information Services (IIS) Could Allow Information Disclosure (2733829)

Publish date: November 15, 2012

Severity: MEDIUM

CVE Identifier: CVE-2012-2531,CVE-2012-2532

Advisory Date: NOV 15, 2012

DESCRIPTION

This patch addresses two vulnerabilities affecting Microsoft Internet Information Services (IIS). When exploited via a specially crafted FTP commands to a certain server, it can lead to information disclosure.

SOLUTION

PATCH: https://technet.microsoft.com/en-us/security/bulletin/ms12-073

AFFECTED SOFTWARE AND VERSION

Windows Vista Service Pack 2
Windows Vista x64 Edition Service Pack 2
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows Server 2008 for x64-based Systems Service Pack 2
Windows 7 for 32-bit Systems
Windows 7 for x64-based Systems
Windows 7 for x64-based Systems Service Pack 1
Windows Server 2008 R2 for x64-based Systems
Windows Server 2008 R2 for Itanium-based Systems
Windows Server 2008 R2 for Itanium-based Systems Service Pack 1
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
Windows Server 2008 R2 for x64-based Systems (Server Core installation)
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
Windows Server 2008 R2 for x64-based Systems Service Pack 1

Featured Stories

$Open Ran Attack of xApps$
Open RAN: Attack of the xApps
This article discusses two O-RAN vulnerabilities that attackers can exploit. One vulnerability stems from insufficient access control, and the other arises from faulty message handling
Read more
$A Closer Exploration of Residential Proxies and CAPTCHA-Breaking Services$
A Closer Exploration of Residential Proxies and CAPTCHA-Breaking Services
This article, the final part of a two-part series, focuses on the details of our technical findings and analyses of select residential proxies and CAPTCHA-solving services.
Read more
$How Residential Proxies and CAPTCHA-Solving Services Become Agents of Abuse$
How Residential Proxies and CAPTCHA-Solving Services Become Agents of Abuse
This article, the first of a two-part series, provides insights on how abusers and cybercriminals use residential proxies and CAPTCHA-solving services to enable bots, scrapers, and stuffers, and proposes security countermeasures for organizations.
Read more
$Cloud-native apps$
Abusing Argo CD, Helm, and Artifact Hub: An Analysis of Supply Chain Attacks in Cloud-Native Applications
We provide an overview of cloud-native tools and examine how cybercriminals can exploit their vulnerabilities to launch supply chain attacks.
Read more

(MS12-073) Vulnerabilities in Microsoft Internet Information Services (IIS) Could Allow Information Disclosure (2733829)

DESCRIPTION

SOLUTION

AFFECTED SOFTWARE AND VERSION

Featured Stories

Resources

Support

About Trend

Country Headquarters

(MS12-073) Vulnerabilities in Microsoft Internet Information Services (IIS) Could Allow Information Disclosure (2733829)

DESCRIPTION

SOLUTION

AFFECTED SOFTWARE AND VERSION

Featured Stories

Resources

Support

About Trend

Country Headquarters

The Americas

Middle East & Africa

Europe

Asia & Pacific