What is CVE-2010-1256?

CVE-2010-1256 is a vulnerability in Microsoft Internet_information_server, classified under Code Injection. Published 2010-06-08.

Is CVE-2010-1256 known to be exploited?

4 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

RCE in Microsoft Internet_information_server

CVE-2010-1256

Unspecified vulnerability in Microsoft IIS 6.0, 7.0, and 7.5, when Extended Protection for Authentication is enabled, allows remote authenticated users to execute arbitrary code via unknown vectors related to "token checking" that trigger…

Vulnerability class: RCE (Remote Code Execution)

EPSS: 0.335 (97.0th percentile) — read the EPSS interpretation.

Affected products

Microsoft Internet_information_server — versions 6.0
Microsoft Windows_2003_server
Microsoft Windows_7
Microsoft Windows_server_2008 — versions r2
Microsoft Windows_vista
N/a — versions n/a

Weakness classification (CWE)

CWE-94 — Code Injection

Public proof-of-concept exploits

References

oval:org.mitre.oval:def:7149 (x_refsource_OVAL, signature, vdb-entry)
MS10-040 (x_refsource_MS, vendor-advisory)
40573 (vdb-entry, x_refsource_BID)
ms-iis-authentication-code-execution(58864) (vdb-entry, x_refsource_XF)
TA10-159B (US Government Resource, x_refsource_CERT, third-party-advisory)

Frequently asked questions

What is CVE-2010-1256?: CVE-2010-1256 is a vulnerability in Microsoft Internet_information_server, classified under Code Injection. Published 2010-06-08.
Is CVE-2010-1256 known to be exploited?: 4 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.