Executive Summary
Summary | |
---|---|
Title | Vulnerability in Internet Information Services Could Allow Remote Code Execution (982666) |
Informations | |||
---|---|---|---|
Name | MS10-040 | First vendor Publication | 2010-06-08 |
Vendor | Microsoft | Last vendor Modification | 2010-06-30 |
Severity (Vendor) | Important | Revision | 1.1 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:M/Au:S/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 8.5 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Medium |
Cvss Expoit Score | 6.8 | Authentication | Requires single instance |
Calculate full CVSS 2.0 Vectors scores |
Detail
Revision Note: V1.1 (June 30, 2010): Added a link to Microsoft Knowledge Base Article 982666 under Known Issues in the Executive Summary to address the issue where specific installations of IIS fail on restart after installing this security update.Summary: This security update resolves a privately reported vulnerability in Internet Information Services (IIS). The vulnerability could allow remote code execution if a user received a specially crafted HTTP request. An attacker who successfully exploited this vulnerability could take complete control of an affected system. |
Original Source
Url : http://www.microsoft.com/technet/security/bulletin/MS10-040.mspx |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:7149 | |||
Oval ID: | oval:org.mitre.oval:def:7149 | ||
Title: | IIS Authentication Memory Corruption Vulnerability | ||
Description: | Unspecified vulnerability in Microsoft IIS 6.0, 7.0, and 7.5, when Extended Protection for Authentication is enabled, allows remote authenticated users to execute arbitrary code via unknown vectors related to "token checking" that trigger memory corruption, aka "IIS Authentication Memory Corruption Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-1256 | Version: | 11 |
Platform(s): | Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 | Product(s): | Microsoft Internet Information Server (IIS) 6.0 Microsoft Internet Information Server (IIS) 7.0 Microsoft Internet Information Server (IIS) 7.5 |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
Type | Description | Count |
---|---|---|
Application | 1 |
OpenVAS Exploits
Date | Description |
---|---|
2010-06-09 | Name : Microsoft IIS Authentication Remote Code Execution Vulnerability (982666) File : nvt/secpod_ms10-040.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
65216 | Microsoft IIS Extended Protection for Authentication Memory Corruption A memory corruption flaw exists in Microsoft IIS. The program fails to sanitize user-supplied input when handling authentication tokens, resulting in memory corruption. With a specially crafted authentication packet, a remote authenticated attacker can execute arbitrary code. |
Information Assurance Vulnerability Management (IAVM)
Date | Description |
---|---|
2010-06-10 | IAVM : 2010-B-0045 - Microsoft Internet Information Services Remote Code Execution Vulnerability Severity : Category II - VMSKEY : V0024366 |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2018-04-03 | Name : The remote web server may allow remote code execution. File : iis_7_pci.nasl - Type : ACT_GATHER_INFO |
2010-06-09 | Name : The remote web server may allow remote code execution. File : smb_nt_ms10-040.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2016-08-05 12:07:39 |
|
2014-02-17 11:46:35 |
|
2013-11-11 12:41:17 |
|