Public exploits available
A remote code execution vulnerability exists in the way that the IIS handles request headers to IIS servers with FastCGI enabled.
An attacker who successfully exploited this vulnerability could take complete control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
FastCGI for IIS enables popular application frameworks that support the FastCGI protocol to be hosted on the IIS web server in a high-performance and reliable way. This vulnerability is caused by the way Internet Information Services with FastCGI enabled handles request headers. An attacker could exploit this vulnerability by creating a specially crafted HTTP request.
All applications not on the affected list.
This signature can cause false positives if you are not running any of the affected software versions or if you've already applied the patch.