First published: Tue Sep 08 2009(Updated: )
Array index error in the SMBv2 protocol implementation in srv2.sys in Microsoft Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold and SP2, and Windows 7 RC allows remote attackers to execute arbitrary code or cause a denial of service (system crash) via an & (ampersand) character in a Process ID High header field in a NEGOTIATE PROTOCOL REQUEST packet, which triggers an attempted dereference of an out-of-bounds memory location, aka "SMBv2 Negotiation Vulnerability." NOTE: some of these details are obtained from third party information.
Credit: secure@microsoft.com secure@microsoft.com
Affected Software | Affected Version | How to fix |
---|---|---|
Microsoft Windows Vista | =sp2 | |
Microsoft Windows Server 2008 | =sp2 | |
Microsoft Windows Server 2008 | =sp2-x64 | |
Microsoft Windows Server 2008 | =sp2-x32 | |
Microsoft Windows Vista | ||
Microsoft Windows Vista | =sp1 | |
Microsoft Windows Server 2008 | ||
Microsoft Windows Server 2008 | ||
Microsoft Windows Server 2008 | ||
Microsoft Windows Vista | =sp1 | |
Microsoft Windows Vista | =sp2 | |
Microsoft Windows Server 2008 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.