Lucene search

[email protected]CVE-2009-1923

HistoryAug 12, 2009 - 5:30 p.m.

CVE-2009-1923

2009-08-1217:30:00

CWE-119

[email protected]

web.nvd.nist.gov

cve-2009-1923

buffer overflow

wins

microsoft windows

security vulnerability

nvd

7.8 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.859 High

EPSS

Percentile

98.5%

JSON

Heap-based buffer overflow in the Windows Internet Name Service (WINS) component for Microsoft Windows 2000 SP4 and Server 2003 SP2 allows remote attackers to execute arbitrary code via a crafted WINS replication packet that triggers an incorrect buffer-length calculation, aka “WINS Heap Overflow Vulnerability.”

CPENameOperatorVersion
microsoft:windows_2003_servermicrosoft windows 2003 servereq-
microsoft:windows_2000microsoft windows 2000eq*

CPE	Name	Operator	Version
microsoft:windows_2003_server	microsoft windows 2003 server	eq	-
microsoft:windows_2000	microsoft windows 2000	eq	*

References

www.us-cert.gov/cas/techalerts/TA09-223A.html

docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-039

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6410

7.8 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.859 High

EPSS

Percentile

98.5%

JSON

Related for CVE-2009-1923

checkpoint_advisories1 prion1 securityvulns3 seebug1 zdi1 nessus2 openvas2