CVE-2010-1256
CVE-2010-1256 is an IIS memory-corruption vulnerability (IIS 6.0/7.0/7.5) tied to Extended Protection for Authentication. A remote attacker could execute arbitrary code by abusing how authentication information is parsed, when Extended Protection is enabled (KB973917). Microsoft MS10-040 fixes th...