Command Injection Vulnerability in Web Servers Running ISAPI Extensions

Command Injection Vulnerability in Web Servers Running ISAPI Extensions

CVE-1999-0412 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

In IIS and other web servers, an attacker can attack commands as SYSTEM if the server is running as SYSTEM and loading an ISAPI extension.

Learn more about our Cis Benchmark Audit For Microsoft Iis.