Critical severity9.8CISA KEVNVD Advisory· Published Mar 27, 2017· Updated Jun 17, 2026
CVE-2017-7269
CVE-2017-7269
Description
Buffer overflow in the ScStoragePathFromUrl function in the WebDAV service in Internet Information Services (IIS) 6.0 in Microsoft Windows Server 2003 R2 allows remote attackers to execute arbitrary code via a long header beginning with "If: <http://" in a PROPFIND request, as exploited in the wild in July or August 2016.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1- cpe:2.3:a:microsoft:internet_information_services:6.0:*:*:*:*:*:*:*
Patches
Vulnerability mechanics
References
9- github.com/rapid7/metasploit-framework/pull/8162nvdIssue TrackingPatch
- support.microsoft.com/en-us/help/3197835/description-of-the-security-update-for-windows-xp-and-windows-servernvdBroken LinkPatchVendor Advisory
- 0patch.blogspot.com/2017/03/0patching-immortal-cve-2017-7269.htmlnvdExploitThird Party Advisory
- medium.com/%40iraklis/number-of-internet-facing-vulnerable-iis-6-0-to-cve-2017-7269-8bd153ef5812nvdExploit
- www.exploit-db.com/exploits/41738/nvdExploitThird Party AdvisoryVDB Entry
- www.exploit-db.com/exploits/41992/nvdExploitThird Party AdvisoryVDB Entry
- www.securityfocus.com/bid/97127nvdBroken LinkThird Party AdvisoryVDB Entry
- www.securitytracker.com/id/1038168nvdBroken LinkThird Party AdvisoryVDB Entry
- www.cisa.gov/known-exploited-vulnerabilities-catalognvdUS Government Resource
News mentions
0No linked articles in our index yet.