Unrated severityNVD Advisory· Published May 22, 2007· Updated Jun 16, 2026
CVE-2007-2815
CVE-2007-2815
Description
The "hit-highlighting" functionality in webhits.dll in Microsoft Internet Information Services (IIS) Web Server 5.0 only uses Windows NT ACL configuration, which allows remote attackers to bypass NTLM and basic authentication mechanisms and access private web directories via the CiWebhitsfile parameter to null.htw.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2cpe:2.3:a:microsoft:internet_information_services:5.0:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:microsoft:internet_information_services:5.0:*:*:*:*:*:*:*
- (no CPE)range: = 5.0
Patches
Vulnerability mechanics
References
5News mentions
0No linked articles in our index yet.