Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Internet Information Services Improper Control of Generation of Code (Code Injection) Vulnerability - CVE-2010-1256 - Vulnerability Database
Internet Information Services

Internet Information Services Improper Control of Generation of Code (Code Injection) Vulnerability - CVE-2010-1256

High
Reference: CVE-2010-1256
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2010-1256
Title: Internet Information Services Improper Control of Generation of Code (Code Injection) Vulnerability
Overview:

Unspecified vulnerability in Microsoft IIS 6.0 7.0 and 7.5 when Extended Protection for Authentication is enabled allows remote authenticated users to execute arbitrary code via unknown vectors related to quottoken checkingquot that trigger memory corruption aka quotIIS Authentication Memory Corruption Vulnerability.quot