ByteOS Network

NVD Vulnerability Details :

CVE-2010-2730

Modified

Source-secure@microsoft.com

Published At-15 Sep, 2010 | 19:00

Updated At-29 Apr, 2026 | 01:13

Buffer overflow in Microsoft Internet Information Services (IIS) 7.5, when FastCGI is enabled, allows remote attackers to execute arbitrary code via crafted headers in a request, aka "Request Header Buffer Overflow Vulnerability."

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Metrics

Type	Version	Base score	Base severity	Vector
Primary	2.0	9.3	HIGH	AV:N/AC:M/Au:N/C:C/I:C/A:C

Type: Primary

Version: 2.0

Base score: 9.3

Base severity: HIGH

Vector:

AV:N/AC:M/Au:N/C:C/I:C/A:C

CPE Matches

Microsoft Corporation

>>internet_information_services>>7.5

cpe:2.3:a:microsoft:internet_information_services:7.5:*:*:*:*:*:*:*

Weaknesses

CWE ID	Type	Source
CWE-119	Primary	nvd@nist.gov

CWE ID: CWE-119

Type: Primary

Source: nvd@nist.gov

Evaluator Description

Per: http://www.microsoft.com/technet/security/Bulletin/MS10-065.mspx 'FastCGI is not enabled by default in IIS.'

References

Hyperlink	Source	Resource
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-065	secure@microsoft.com	N/A
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6933	secure@microsoft.com	N/A
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-065	af854a3a-2127-422b-91ae-364da2661108	N/A
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6933	af854a3a-2127-422b-91ae-364da2661108	N/A