Vulnerabilities (CVE)

Filtered by vendor Microsoft Subscribe
Filtered by product Host Integration Server 2004
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2008-3466 1 Microsoft 3 Host Integration Server 2000, Host Integration Server 2004, Host Integration Server 2006 2024-11-21 10.0 HIGH N/A
Microsoft Host Integration Server (HIS) 2000, 2004, and 2006 does not limit RPC access to administrative functions, which allows remote attackers to bypass authentication and execute arbitrary programs via a crafted SNA RPC message using opcode 1 or 6 to call the CreateProcess function, aka "HIS Command Execution Vulnerability."