Microsoft Internet Information Services (IIS) multiple vulnerability - MS10-065ID: oval:org.secpod.oval:def:1589 | Date: (C)2011-07-29 (M)2022-03-15 |
Class: PATCH | Family: windows |
The host is missing a critical security update according to Microsoft security bulletin, MS10-065. The update is required to fix multiple vulnerability. Multiple flaws are present in the asp.dll in Internet Information Services (IIS) in Microsoft Windows, which is due to improper ASP implementation which fails to evaluate crafted request. Successful exploitation could allow an attacker to execute arbitrary code on the system when FastCGI or directory-based Basic Authentication is enabled.
Platform: |
Microsoft Windows 7 |
Microsoft Windows Server 2003 |
Microsoft Windows Server 2008 |
Microsoft Windows Server 2008 R2 |
Microsoft Windows Vista |
Microsoft Windows XP |
Product: |
Microsoft Internet Information Server 7.5 |
Microsoft Internet Information Server 5.1 |
Microsoft Internet Information Server 6.0 |
Microsoft Internet Information Server 7.0 |