CVE-2010-2566

CVE-2010-2566 · HIGH Severity

AV:N/AC:M/AU:N/C:C/I:C/A:C

The Secure Channel (aka SChannel) security package in Microsoft Windows XP SP2 and SP3, and Windows Server 2003 SP2, does not properly validate certificate request messages from TLS and SSL servers, which allows remote servers to execute arbitrary code via a crafted SSL response, aka "SChannel Malformed Certificate Request Remote Code Execution Vulnerability."

Learn more about our Cis Benchmark Audit For Server Software.