CVE-2010-1256

Unspecified vulnerability in Microsoft IIS 6.0, 7.0, and 7.5, when Extended Protection for Authentication is enabled, allows remote authenticated users to execute arbitrary code via unknown vectors related to "token checking" that trigger memory corruption, aka "IIS Authentication Memory Corruption Vulnerability."

CVSS v2.0 8.5 HIGH

8.5^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:M/Au:S/C:C/I:C/A:C

Exploitability : 6.8 / Impact : 10.0

Access Vector NETWORK

Access Complexity MEDIUM

Authentication SINGLE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://www.us-cert.gov/cas/techalerts/TA10-159B.html	US Government Resource
http://www.securityfocus.com/bid/40573
https://exchange.xforce.ibmcloud.com/vulnerabilities/58864
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7149
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-040

Configurations

Configuration 1 (hide)

AND

cpe:2.3:a:microsoft:internet_information_server:6.0:*:*:*:*:*:*:*

OR	cpe:2.3:o:microsoft:windows_2003_server::sp2::::::*
	cpe:2.3:o:microsoft:windows_2003_server::sp2:x64:::::
	cpe:2.3:o:microsoft:windows_2003_server::sp2:itanium:::::

Configuration 2 (hide)

OR	cpe:2.3:o:microsoft:windows_vista:-:sp1::::::
	cpe:2.3:o:microsoft:windows_vista::sp1:x64:::::
	cpe:2.3:o:microsoft:windows_vista::sp1::::::*
	cpe:2.3:o:microsoft:windows_vista::sp2:x64:::::
	cpe:2.3:o:microsoft:windows_vista::sp2::::::*
	cpe:2.3:o:microsoft:windows_vista:-:sp2::::::

Configuration 3 (hide)

OR	cpe:2.3:o:microsoft:windows_server_2008:::x64:::::*
	cpe:2.3:o:microsoft:windows_server_2008::sp2:x64:::::
	cpe:2.3:o:microsoft:windows_server_2008:::itanium:::::*
	cpe:2.3:o:microsoft:windows_server_2008:-:sp2:itanium:::::*
	cpe:2.3:o:microsoft:windows_server_2008::sp2:x32:::::
	cpe:2.3:o:microsoft:windows_server_2008:::x32:::::*

Configuration 4 (hide)

OR	cpe:2.3:o:microsoft:windows_7:-:::::::*
	cpe:2.3:o:microsoft:windows_server_2008:r2::x64:::::
	cpe:2.3:o:microsoft:windows_server_2008:r2::itanium:::::

Information

Published : 2010-06-08 13:30

Updated : 2021-02-05 07:37

NVD link : CVE-2010-1256

Mitre link : CVE-2010-1256

JSON object : View

CWE

CWE-94

Improper Control of Generation of Code ('Code Injection')

Products Affected

microsoft

windows_7
windows_2003_server
windows_vista
windows_server_2008
internet_information_server

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://www.us-cert.gov/cas/techalerts/TA10-159B.html", "name": "TA10-159B", "tags": ["US Government Resource"], "refsource": "CERT"}, {"url": "http://www.securityfocus.com/bid/40573", "name": "40573", "tags": [], "refsource": "BID"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/58864", "name": "ms-iis-authentication-code-execution(58864)", "tags": [], "refsource": "XF"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7149", "name": "oval:org.mitre.oval:def:7149", "tags": [], "refsource": "OVAL"}, {"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-040", "name": "MS10-040", "tags": [], "refsource": "MS"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "Unspecified vulnerability in Microsoft IIS 6.0, 7.0, and 7.5, when Extended Protection for Authentication is enabled, allows remote authenticated users to execute arbitrary code via unknown vectors related to \"token checking\" that trigger memory corruption, aka \"IIS Authentication Memory Corruption Vulnerability.\""}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-94"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2010-1256", "ASSIGNER": "secure@microsoft.com"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 8.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:S/C:C/I:C/A:C", "authentication": "SINGLE", "integrityImpact": "COMPLETE", "accessComplexity": "MEDIUM", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "severity": "HIGH", "impactScore": 10.0, "obtainAllPrivilege": true, "exploitabilityScore": 6.8, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}}, "publishedDate": "2010-06-08T20:30Z", "configurations": {"nodes": [{"children": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:microsoft:internet_information_server:6.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:x64:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:itanium:*:*:*:*:*", "cpe_name": [], "vulnerable": false}]}], "operator": "AND", "cpe_match": []}, {"children": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:microsoft:windows_vista:-:sp1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:o:microsoft:windows_vista:*:sp1:x64:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:o:microsoft:windows_vista:*:sp1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:o:microsoft:windows_vista:*:sp2:x64:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:o:microsoft:windows_vista:*:sp2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:o:microsoft:windows_vista:-:sp2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}]}], "operator": "AND", "cpe_match": []}, {"children": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2008:*:*:x64:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:x64:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2008:*:*:itanium:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:itanium:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:x32:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2008:*:*:x32:*:*:*:*:*", "cpe_name": [], "vulnerable": false}]}], "operator": "AND", "cpe_match": []}, {"children": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:microsoft:windows_7:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2008:r2:*:x64:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2008:r2:*:itanium:*:*:*:*:*", "cpe_name": [], "vulnerable": false}]}], "operator": "AND", "cpe_match": []}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2021-02-05T15:37Z"}

8.5 /10