Buffer Overflow in Microsoft Internet Information Services 7.5
CVE-2010-2730

Currently unrated

Key Information:

Vendor: Microsoft
Status: Internet Information Services
Vendor: CVE Published:; 15 September 2010

What is CVE-2010-2730?

A buffer overflow vulnerability exists in Microsoft Internet Information Services (IIS) 7.5 when FastCGI is enabled. This security flaw can be exploited by remote attackers to execute arbitrary code through specially crafted headers in an HTTP request, potentially compromising the integrity and confidentiality of the affected system.

References

https://docs.microsoft.com/en-us/security-updates/securit...

vendor-advisoryx_refsource_MS

https://oval.cisecurity.org/repository/search/definition/...

vdb-entrysignaturex_refsource_OVAL

EPSS Score

10% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 15, 2010
Vulnerability Reserved
Jul 14, 2010