Description

Unspecified vulnerability in Microsoft IIS 6.0, 7.0, and 7.5, when Extended Protection for Authentication is enabled, allows remote authenticated users to execute arbitrary code via unknown vectors related to "token checking" that trigger memory corruption, aka "IIS Authentication Memory Corruption Vulnerability."

Remediation

References

CVE-2010-1256

Related Vulnerabilities

WordPress Plugin EventCommerce WP Event Calendar Cross-Site Scripting (1.0)

ownCloud Improper Input Validation Vulnerability (CVE-2013-2044)

Atlassian Jira Permissions, Privileges, and Access Controls Vulnerability (CVE-2007-6619)

Restlet Framework Improper Restriction of XML External Entity Reference Vulnerability (CVE-2017-14949)

WordPress Plugin Import any XML or CSV File to WordPress Cross-Site Scripting (3.4.5)

Severity

High

Classification

CVE-2010-1256 CWE-94

Tags

Missing Update Known Vulnerabilities