Vulnerability Manager Plus

ms11-004: vulnerability in internet information services (iis) ftp service could allow remote code execution for Windows Server 2008 R2 x64 Edition (KB2489256) for SP1

Risk Information

Base Score

9.8

MODERATE

Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS Score

Exploitation Probability

91.689%

CVE Information

Source CVE
CVE-2010-3972

Associated CVE
CVE-2010-3972

Patch Details

Patch associated with this vulnerability is supported by ManageEngine.

Patch ID
12261

Patch Description
Security Update for Windows Server 2008 R2 x64 Edition (KB2489256)

References

http://blogs.technet.com/b/srd/archive/2011/01/07/assessing-the-risk-of-public-issues-currently-being-tracked-by-the-msrc.aspx
http://secunia.com/advisories/42713
http://www.exploit-db.com/exploits/15803
http://www.kb.cert.org/vuls/id/842372
http://www.microsoft.com/technet/security/Bulletin/MS11-004.mspx
http://www.securityfocus.com/bid/45542
http://www.securitytracker.com/id?1024921
http://www.vupen.com/english/advisories/2010/3305
https://exchange.xforce.ibmcloud.com/vulnerabilities/64248