Improper input validation in Microsoft Windows_7

CVE-2010-3229

The Secure Channel (aka SChannel) security package in Microsoft Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7, when IIS 7.x is used, does not properly process client certificates during SSL and TLS handsha…

Vulnerability class: Drupalgeddon 2 (CVE-2018-7600)

EPSS: 0.643 (98.5th percentile) — read the EPSS interpretation.

Affected products

Microsoft Windows_7
Microsoft Windows_server_2008 — versions r2
Microsoft Windows_vista
N/a — versions n/a

Weakness classification (CWE)

CWE-20 — Improper Input Validation

References

oval:org.mitre.oval:def:6806 (x_refsource_OVAL, signature, vdb-entry)
MS10-085 (x_refsource_MS, vendor-advisory)
secure@microsoft.com (x_refsource_CONFIRM)
TA10-285A (US Government Resource, x_refsource_CERT, third-party-advisory)
43780 (vdb-entry, x_refsource_BID)