CVE-2012-0174

Description

Windows Firewall in tcpip.sys in Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly enforce firewall rules for outbound broadcast packets, which allows remote attackers to obtain potentially sensitive information by observing broadcast traffic on a local network, aka "Windows Firewall Bypass Vulnerability."

Related CPE's

omicrosoftwindows_server_2008r2*******

omicrosoftwindows_7-sp1x86*****

omicrosoftwindows_server_2008-sp2******

omicrosoftwindows_7********

omicrosoftwindows_server_2008r2sp1******

omicrosoftwindows_7-sp1x64*****

omicrosoftwindows_vista-sp2******

References

49114

81730

1027044

TA12-129A

US Government Resource

oval:org.mitre.oval:def:15160

ms-win-broadcast-sec-bypass(75128)

53352

MS12-032

CvssV3 impact

Could not find any metrics

CvssV2 impact

Version

2.0

VectorString

AV:L/AC:L/Au:S/C:P/I:N/A:N

AccessVector

LOCAL

AccessComplexity

LOW

Authentication

SINGLE

ConfidentialityImpact

PARTIAL

IntegrityImpact

NONE

AvailabilityImpact

NONE

BaseScore

1.7000000476837158

Created by Yello
About Severity.io