CVE-2012-2531

Description

Microsoft Internet Information Services (IIS) 7.5 uses weak permissions for the Operational log, which allows local users to discover credentials by reading this file, aka "Password Disclosure Vulnerability."

References

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15959

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-073

http://www.securityfocus.com/bid/56439

Details

Source: Mitre, NVD

Risk Information

CVSS v2

CVSS v3