Description

Unspecified vulnerability in Microsoft IIS 6.0, 7.0, and 7.5, when Extended Protection for Authentication is enabled, allows remote authenticated users to execute arbitrary code via unknown vectors related to "token checking" that trigger memory corruption, aka "IIS Authentication Memory Corruption Vulnerability."

Remediation

References

CVE-2010-1256

Related Vulnerabilities

WordPress Plugin Floating Cart for WooCommerce Security Bypass (1.2.2)

Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-29046)

WordPress Plugin Awesome Filterable Portfolio Multiple SQL Injection Vulnerabilities (1.8.6)

WordPress Plugin SodaHead Polls Multiple Cross-Site Scripting Vulnerabilities (2.0.2)

Apache HTTP Server Out-of-bounds Write Vulnerability (CVE-2020-35452)

Severity

High

Classification

CVE-2010-1256 CWE-94

Tags

Missing Update Known Vulnerabilities