|
|
|||
| Rule General Information |
|---|
| Release Date: | 2020-05-13 | |
| Rule Name: | Microsoft Windows SMB Pathname Buffer Overflow Vulnerability (CVE-2010-0020) | |
| Severity: | ||
| CVE ID: | ||
| Rule Protection Details |
|---|
| Description: | The SMB implementation in the Server service in Microsoft Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly validate request fields, which allows remote authenticated users to execute arbitrary code via a malformed request, aka "SMB Pathname Overflow Vulnerability." | |
| Impact: | A buffer overflow vulnerability can be triggered by an attacker in the context of the vulnerable product. Further attacks includes arbitrary code execution and denial of service. | |
| Affected OS: | Windows | |
| Reference: | MicrosoftSecurityBulletin:ms10-012 http://www.us-cert.gov/cas/techalerts/TA10-040A.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8438 |
|
| Solutions |
|---|
| The vendors have released upgrade patches to fix vulnerabilities, please visit: http://www.microsoft.com/downloads/details.aspx?familyid=8f7adee3-e68e -41b3-b835-d84691774f31 |