Microsoft Windows TCP/IP code execution
High Risk 
Description:
Microsoft Windows could allow a remote attacker to execute arbitrary code on the system, caused by an error in the TCP/IP stack when processing UDP packets. By sending specially-crafted UDP packets to a closed port, a remote attacker could exploit this vulnerability to execute arbitrary code on the system with the privileges of the victim.
Platforms Affected:
• Microsoft Windows 7 SP1 x64
• Microsoft Windows 7 x32
• Microsoft Windows Server 2008 R2 x64
• Microsoft Windows Server 2008 R2 SP1 x64
• Microsoft Windows Server 2008 R2 SP1 Itanium
• Microsoft Windows Server 2008 R2 Itanium
• Microsoft Windows Server 2008 x64
• Microsoft Windows Server 2008 SP2 x32
• Microsoft Windows Server 2008 SP2 Itanium
• Microsoft Windows Vista SP2 x64
• Microsoft Windows Vista SP2
References:
• Microsoft Security Bulletin MS11-083: Vulnerability in TCP/IP Could Allow Remote Code Execution (588516).
• CVE-2011-2013: ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
• SA46731: Microsoft Windows TCP/IP Reference Counter Overflow Vulnerability
for more information click HERE.
No comments:
Post a Comment