Back to search
CVE-2010-0477
Published: Apr 14, 2010
Modified: Aug 7, 2024
PUBLISHED
Description
The SMB client in Microsoft Windows Server 2008 R2 and Windows 7 does not properly handle (1) SMBv1 and (2) SMBv2 response packets, which allows remote SMB servers and man-in-the-middle attackers to execute arbitrary code via a crafted packet that causes the client to read the entirety of the response, and then improperly interact with the Winsock Kernel (WSK), aka "SMB Client Message Size Vulnerability."
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
39372
third-party-advisory
x_refsource_SECUNIA
MS10-020
vendor-advisory
x_refsource_MS
TA10-103A
third-party-advisory
x_refsource_CERT
oval:org.mitre.oval:def:6859
vdb-entry
signature
x_refsource_OVAL
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now