CVE-2007-6504
Unspecified vulnerability in IIS/iibind.asp in Hosting Controller 6.1 Hot fix 3.3 and earlier allows remote authenticated users to change the headers of arbitrary hosts via an unspecified parameter.
Date published : 2007-12-20
http://www.securityfocus.com/bid/26862
http://www.securityfocus.com/archive/1/485028/100/0/threaded