Unrated severityNVD Advisory· Published Oct 15, 2008· Updated Apr 23, 2026
CVE-2008-1446
CVE-2008-1446
Description
Integer overflow in the Internet Printing Protocol (IPP) ISAPI extension in Microsoft Internet Information Services (IIS) 5.0 through 7.0 on Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, and Server 2008 allows remote authenticated users to execute arbitrary code via an HTTP POST request that triggers an outbound IPP connection from a web server to a machine operated by the attacker, aka "Integer Overflow in IPP Service Vulnerability."
Affected products
1- cpe:2.3:a:microsoft:internet_information_services:*:*:*:*:*:*:*:*Range: >=5.0,<=7.0
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
11- docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-062nvdPatchVendor Advisory
- marc.infonvdIssue TrackingThird Party Advisory
- secunia.com/advisories/32248nvdThird Party Advisory
- www.kb.cert.org/vuls/id/793233nvdThird Party AdvisoryUS Government Resource
- www.securityfocus.com/bid/31682nvdThird Party AdvisoryVDB Entry
- www.securitytracker.com/idnvdThird Party AdvisoryVDB Entry
- www.us-cert.gov/cas/techalerts/TA08-288A.htmlnvdThird Party AdvisoryUS Government Resource
- www.vupen.com/english/advisories/2008/2813nvdThird Party Advisory
- exchange.xforce.ibmcloud.com/vulnerabilities/45545nvdThird Party AdvisoryVDB Entry
- exchange.xforce.ibmcloud.com/vulnerabilities/45548nvdThird Party AdvisoryVDB Entry
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5764nvdThird Party Advisory
News mentions
0No linked articles in our index yet.