Memory Corruption Vulnerability in Microsoft IIS Authentication
CVE-2010-1256

Currently unrated

Key Information:

Vendor

Microsoft
Status
Internet Information Server
Vendor
CVE Published:
8 June 2010

What is CVE-2010-1256?

A vulnerability exists in Microsoft Internet Information Services (IIS) versions 6.0, 7.0, and 7.5, specifically when Extended Protection for Authentication is enabled. This flaw permits remote authenticated users to execute arbitrary code due to issues in 'token checking' that can lead to memory corruption. The impact of this vulnerability can compromise the integrity of the server, allowing attackers to gain unauthorized access and control over the system.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://oval.cisecurity.org/repository/search/definition/...
vdb-entrysignaturex_refsource_OVAL
https://docs.microsoft.com/en-us/security-updates/securit...
vendor-advisoryx_refsource_MS
http://www.securityfocus.com/bid/40573
vdb-entryx_refsource_BID

EPSS Score

33% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.