CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
AI Score
Confidence
High
EPSS
Percentile
98.3%
The SMB Server in Microsoft Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly validate an internal variable in an SMB packet, which allows remote attackers to cause a denial of service (system hang) via a crafted (1) SMBv1 or (2) SMBv2 packet, aka “SMB Variable Validation Vulnerability.”
Vendor | Product | Version | CPE |
---|---|---|---|
microsoft | windows_7 | * | cpe:2.3:o:microsoft:windows_7:*:*:*:*:*:*:*:* |
microsoft | windows_7 | - | cpe:2.3:o:microsoft:windows_7:-:*:*:*:*:*:*:* |
microsoft | windows_server_2008 | * | cpe:2.3:o:microsoft:windows_server_2008:*:*:itanium:*:*:*:*:* |
microsoft | windows_server_2008 | * | cpe:2.3:o:microsoft:windows_server_2008:*:*:x32:*:*:*:*:* |
microsoft | windows_server_2008 | * | cpe:2.3:o:microsoft:windows_server_2008:*:*:x64:*:*:*:*:* |
microsoft | windows_server_2008 | * | cpe:2.3:o:microsoft:windows_server_2008:*:r2:itanium:*:*:*:*:* |
microsoft | windows_server_2008 | * | cpe:2.3:o:microsoft:windows_server_2008:*:r2:x64:*:*:*:*:* |
microsoft | windows_server_2008 | * | cpe:2.3:o:microsoft:windows_server_2008:*:sp2:x32:*:*:*:*:* |
microsoft | windows_server_2008 | * | cpe:2.3:o:microsoft:windows_server_2008:*:sp2:x64:*:*:*:*:* |
microsoft | windows_server_2008 | - | cpe:2.3:o:microsoft:windows_server_2008:-:sp2:itanium:*:*:*:*:* |