Download
| Alert*
oval:org.mitre.oval:def:7149
Unspecified vulnerability in Microsoft IIS 6.0, 7.0, and 7.5, when Extended Protection for Authentication is enabled, allows remote authenticated users to execute arbitrary code via unknown vectors related to "token checking" that trigger memory corruption, aka "IIS Authentication Memory Corruption ... oval:org.secpod.oval:def:1523 The host is missing a Critical security update according to Microsoft security bulletin, MS10-040. The update is required to fix remote code execution vulnerability. A flaw is present in the Internet Information Services (IIS), which fails to validate a specially crafted HTTP request. Successful exp ... |