MicrosoftCVE-2011-1868CVE-2011-1868
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
AI Score
Confidence
Low
EPSS
Percentile
96.4%
The Distributed File System (DFS) implementation in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 does not properly validate fields in DFS responses, which allows remote DFS servers to execute arbitrary code via a crafted response, aka βDFS Memory Corruption Vulnerability.β
Affected configurations
| Vendor | Product | Version | CPE |
|---|---|---|---|
| microsoft | windows_2003_server | cpe:/o:microsoft:windows_2003_server::sp2:: | |
| microsoft | windows_xp | - | cpe:/o:microsoft:windows_xp:-:sp2:: |
| microsoft | windows_server_2003 | cpe:/o:microsoft:windows_server_2003::sp2:: | |
| microsoft | windows_xp | cpe:/o:microsoft:windows_xp::sp3:: |
References
secunia.com/advisories/44894
www.securityfocus.com/bid/48180
www.securitytracker.com/id?1025639
docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-042
exchange.xforce.ibmcloud.com/vulnerabilities/67726
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11758
Related
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
AI Score
Confidence
Low
EPSS
Percentile
96.4%