CVE-2011-0654 in Windowsinformazioni

Riassunto

di MITRE

Integer underflow in the BowserWriteErrorLogEntry function in the Common Internet File System (CIFS) browser service in Mrxsmb.sys or bowser.sys in Active Directory in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote attackers to execute arbitrary code or cause a denial of service (system crash) via a malformed BROWSER ELECTION message, leading to a heap-based buffer overflow, aka "Browser Pool Corruption Vulnerability." NOTE: some of these details are obtained from third party information.

Once again VulDB remains the best source for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Prenotare

28/01/2011

Divulgazione

15/02/2011

Moderazione

accettato

Voce

VDB-4301

CPE

pronto

CWE

CWE-119 (confermato)

Sfruttamento

Scaricare

CVSS

10.0 (NVD)

EPSS

0.68084

KEV

Attività

molto basso

Settore

Hospital, Industry, ...

Fonti

MITRE	https://www.cve.org/CVERecord?id=CVE-2011-0654
NVD	https://nvd.nist.gov/vuln/detail/CVE-2011-0654
CVE Details	https://www.cvedetails.com/cve/CVE-2011-0654/

◂ Precedente Visione D'ensemble Il prossimo ▸

Do you need the next level of professionalism?

Upgrade your account now!