10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.973 High
EPSS
Percentile
99.9%
Added: 09/20/2010
CVE: CVE-2009-3103
BID: 36299
OSVDB: 57799
SMB2 is the replacement protocol for the SMB Windows filesharing protocol.
A buffer overflow vulnerability in the SMB2 Service allows remote attackers to execute arbitrary commands.
Apply the patch referenced in Microsoft Security Bulletin 09-050.
<http://www.microsoft.com/technet/security/bulletin/ms09-050.mspx>
Exploit works on Windows Vista SP1 and SP2. Exploitation attempts while other SMB2 activity is taking place may cause target system to reboot.
Windows Vista