Description
IIS 5.0 allows remote attackers to execute arbitrary commands via a malformed request for an executable file whose name is appended with operating system commands, aka the "Web Server File Request Parsing" vulnerability.
Remediation
References
Related Vulnerabilities
e107 Permissions, Privileges, and Access Controls Vulnerability (CVE-2008-2020)
WordPress Plugin Push Notifications for WordPress (Lite) Cross-Site Request Forgery (6.0)
Oracle Database Server CVE-2014-2406 Vulnerability (CVE-2014-2406)
WordPress Plugin WP Forum Server 'edit_post_id' Parameter SQL Injection (1.7)