New Search

IIS Authentication Memory Corruption Vulnerability

oval:org.mitre.oval:def:7149

Unspecified vulnerability in Microsoft IIS 6.0 7.0 and 7.5 when Extended Protection for Authentication is enabled allows remote authenticated users to execute arbitrary code via unknown vectors related to "token checking" that trigger memory corruption aka "IIS Authentication Memory Corruption Vulnerability."

Family:
windows
Status:
ACCEPTED
Platform(s):
  • Microsoft Windows Server 2008
  • Microsoft Windows Server 2008 R2
  • Microsoft Windows 7
  • Microsoft Windows Vista
  • Microsoft Windows Server 2003
Class:
vulnerability
Reference(s):
  • CVE-2010-1256
Product(s):
  • Microsoft Internet Information Server (IIS) 7.5
  • Microsoft Internet Information Server (IIS) 6.0
  • Microsoft Internet Information Server (IIS) 7.0