New Search

IIS Authentication Memory Corruption Vulnerability

oval:org.mitre.oval:def:7149

Unspecified vulnerability in Microsoft IIS 6.0 7.0 and 7.5 when Extended Protection for Authentication is enabled allows remote authenticated users to execute arbitrary code via unknown vectors related to "token checking" that trigger memory corruption aka "IIS Authentication Memory Corruption Vulnerability."

Family:
windows
Status:
ACCEPTED
Platform(s):
  • Microsoft Windows 7
  • Microsoft Windows Vista
  • Microsoft Windows Server 2008
  • Microsoft Windows Server 2003
  • Microsoft Windows Server 2008 R2
Class:
vulnerability
Reference(s):
  • CVE-2010-1256
Product(s):
  • Microsoft Internet Information Server (IIS) 7.5
  • Microsoft Internet Information Server (IIS) 7.0
  • Microsoft Internet Information Server (IIS) 6.0