9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
7.2 High
AI Score
Confidence
High
0.967 High
EPSS
Percentile
99.6%
The Windows Internet Naming Service (WINS) for Microsoft Windows Server 2003, and possibly Windows NT and Server 2000, does not properly validate the length of certain packets, which allows attackers to cause a denial of service and possibly execute arbitrary code.
www.ciac.org/ciac/bulletins/o-077.shtml
www.kb.cert.org/vuls/id/445214
www.osvdb.org/3903
www.securityfocus.com/bid/9624
docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-006
exchange.xforce.ibmcloud.com/vulnerabilities/15037
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A704
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A800
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A801
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A802