Lucene search

PRIOn knowledge basePRION:CVE-2010-2567

HistorySep 15, 2010 - 7:00 p.m.

Memory corruption

2010-09-1519:00:00

PRIOn knowledge base

www.prio-n.com

7.9 High

AI Score

Confidence

High

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.004 Low

EPSS

Percentile

71.2%

JSON

The RPC client implementation in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 does not properly allocate memory during the parsing of responses, which allows remote RPC servers and man-in-the-middle attackers to execute arbitrary code via a malformed response, aka “RPC Memory Corruption Vulnerability.”

CPENameOperatorVersion
windows_xpeq sp2x64

CPE	Name	Operator	Version
	windows_xp	eq	sp2x64

References

docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-066

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7177

7.9 High

AI Score

Confidence

High

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.004 Low

EPSS

Percentile

71.2%

JSON

Related for PRION:CVE-2010-2567