Lucene search

K
zdiPesanteZDI-17-843
HistoryOct 10, 2017 - 12:00 a.m.

Microsoft Windows SMB Out-Of-Bounds Read Denial of Service Vulnerability

2017-10-1000:00:00
pesante
www.zerodayinitiative.com
53
microsoft
windows
smb
out-of-bounds read
denial of service
vulnerability
remote attackers
authentication
exploit
default configuration
srv driver
crafted request
allocated buffer
system

EPSS

0.799

Percentile

98.3%

This vulnerability allows remote attackers to create a denial-of-service on vulnerable installations of Microsoft Windows. Authentication is required to exploit this vulnerability, assuming the product is in its default configuration. The specific flaw exists within the srv driver. A crafted request to an SMB share can trigger a read past the end of an allocated buffer. An attacker can leverage this vulnerability to create a denial-of-service condition to users of the system.