CVE-2007-0087

N/A Unknown
Published: January 05, 2007 Modified: April 23, 2026
View on NVD

Description

Microsoft Internet Information Services (IIS), when accessed through a TCP connection with a large window size, allows remote attackers to cause a denial of service (network bandwidth consumption) via a Range header that specifies multiple copies of the same fragment. NOTE: the severity of this issue has been disputed by third parties, who state that the large window size required by the attack is not normally supported or configured by the server, or that a DDoS-style attack would accomplish the same goal

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory
http://osvdb.org/33457
Source: cve@mitre.org
http://www.securityfocus.com/archive/1/455833/100/0/threaded
Source: cve@mitre.org
http://www.securityfocus.com/archive/1/455879/100/0/threaded
Source: cve@mitre.org
http://www.securityfocus.com/archive/1/455882/100/0/threaded
Source: cve@mitre.org
http://www.securityfocus.com/archive/1/455920/100/0/threaded
Source: cve@mitre.org
http://osvdb.org/33457
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.securityfocus.com/archive/1/455833/100/0/threaded
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.securityfocus.com/archive/1/455879/100/0/threaded
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.securityfocus.com/archive/1/455882/100/0/threaded
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.securityfocus.com/archive/1/455920/100/0/threaded
Source: af854a3a-2127-422b-91ae-364da2661108

10 reference(s) from NVD

Quick Stats

CVSS v3 Score
N/A / 10.0
EPSS (Exploit Probability)
42.2%
97th percentile
Exploitation Status
Not in CISA KEV

Affected Vendors

microsoft