CVE-2006-7027

CVE Database · CVE-2006-7027

CVE-2006-7027

· N/AModified

CVSS v3.1

N/A

EPSS

14.57%

Published

Feb 23, 2007

Modified

Apr 22, 2026

Public PoC / Exploit

All weaponized →

No public PoC or exploit code indexed for this CVE.

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Microsoft Internet Security and Acceleration (ISA) Server 2004 logs unusual ASCII characters in the Host header, including the tab, which allows remote attackers to manipulate portions of the log file and possibly leverage this for other attacks.

Affected Products (1)

microsoft · isa_servervulnerable

References (10)

http://www.securityfocus.com/archive/1/432947/30/5190/threaded

http://www.securityfocus.com/archive/1/433074/30/5190/threaded

http://www.securityfocus.com/archive/1/433141/30/5160/threaded

http://www.securityfocus.com/archive/1/433350/30/5100/threaded

https://exchange.xforce.ibmcloud.com/vulnerabilities/26233

http://www.securityfocus.com/archive/1/432947/30/5190/threaded

http://www.securityfocus.com/archive/1/433074/30/5190/threaded

http://www.securityfocus.com/archive/1/433141/30/5160/threaded

http://www.securityfocus.com/archive/1/433350/30/5100/threaded

https://exchange.xforce.ibmcloud.com/vulnerabilities/26233

KEV Catalog EPSS Scores Vendors All CVEs