Buffer Overflow in Microsoft Internet Information Services 7.5
CVE-2010-2730

Currently unrated

Key Information:

Vendor: Microsoft
Status: Internet Information Services
Vendor: CVE Published:; 15 September 2010

Summary

A buffer overflow vulnerability exists in Microsoft Internet Information Services (IIS) 7.5 when FastCGI is enabled. This security flaw can be exploited by remote attackers to execute arbitrary code through specially crafted headers in an HTTP request, potentially compromising the integrity and confidentiality of the affected system.

References

https://docs.microsoft.com/en-us/security-updates/securit...

vendor-advisoryx_refsource_MS

https://oval.cisecurity.org/repository/search/definition/...

vdb-entrysignaturex_refsource_OVAL

EPSS Score

16% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Sep 15, 2010
Vulnerability Reserved
Jul 14, 2010