Intrusion Prevention

MS.IIS.FTP.IAC.Remote.Code.Execution

Description

This indicates an attack attempt against a memory-corruption vulnerability in Windows 7 IIS.
The vulnerability is caused by an error when the vulnerable software parses a malformed FTP request. It allows remote attackers to crash vulnerable systems via sending a crafted FTP request.

Affected Products

Windows 7 IIS 7.5

Impact

System Compromise: Remote attackers can crash vulnerable systems.

Recommended Actions

Apply the patch, available from the vendor's web site:
http://www.microsoft.com/technet/security/Bulletin/MS11-004.mspx

CVE References

CVE-2010-3972