CVE-2014-0254

2014-02-1204:50:39

CWE-20

[email protected]

web.nvd.nist.gov

cve-2014-0254

ipv6

microsoft windows

windows 8

windows server 2012

windows rt

remote code execution

denial of service

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

6.5 Medium

AI Score

Confidence

High

0.077 Low

EPSS

Percentile

94.2%

JSON

The IPv6 implementation in Microsoft Windows 8, Windows Server 2012, and Windows RT does not properly validate packets, which allows remote attackers to cause a denial of service (system hang) via crafted ICMPv6 Router Advertisement packets, aka “TCP/IP Version 6 (IPv6) Denial of Service Vulnerability.”

Affected configurations

NVD

Node

microsoftwindows_8Match--x64

microsoftwindows_8Match--x86

microsoftwindows_rtMatch-

microsoftwindows_server_2012Match-

CPENameOperatorVersion
microsoft:windows_8microsoft windows 8eq-
microsoft:windows_rtmicrosoft windows rteq-
microsoft:windows_server_2012microsoft windows server 2012eq-