CVE-2007-0066

Description

The kernel in Microsoft Windows 2000 SP4, XP SP2, and Server 2003, when ICMP Router Discovery Protocol (RDP) is enabled, allows remote attackers to cause a denial of service via fragmented router advertisement ICMP packets that trigger an out-of-bounds read, aka "Windows Kernel TCP/IP/ICMP Vulnerability."

Related CPE's

omicrosoftwindows_xp*sp2******

omicrosoftwindows_xp-sp2x64*****

omicrosoftwindows_2000*sp4******

omicrosoftwindows_server_2003********

amicrosofthome_server********

omicrosoftwindows_2003_server*golditanium*****

omicrosoftwindows_2003_server*sp1******

omicrosoftwindows_server_2003*sp2******

omicrosoftwindows_2003_server*sp2******

amicrosoftsmall_business_server2003*sp1*****

References

28297

PatchVendor Advisory

TA08-008A

US Government Resource

20070108 Multiple (3) Microsoft Windows TCP/IP Remote Code Execution and DoS Vulnerabilities

http://blogs.technet.com/swi/archive/2008/01/08/ms08-001-part-2-the-case-of-the-moderate-icmp-mitigations.aspx

27139

1019166

ADV-2008-0069

Vendor Advisory

win-tcpip-icmp-dos(39254)

oval:org.mitre.oval:def:5271

MS08-001

SSRT080003

CvssV3 impact

Could not find any metrics

CvssV2 impact

Version

2.0

VectorString

AV:N/AC:M/Au:N/C:N/I:N/A:C

AccessVector

NETWORK

AccessComplexity

MEDIUM

Authentication

NONE

ConfidentialityImpact

NONE

IntegrityImpact

NONE

AvailabilityImpact

COMPLETE

BaseScore

7.099999904632568

Created by Yello
About Severity.io