First published: Wed Apr 14 2010(Updated: )
Microsoft Windows XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allow remote attackers to bypass intended IPv4 source-address restrictions via a mismatched IPv6 source address in a tunneled ISATAP packet, aka "ISATAP IPv6 Source Address Spoofing Vulnerability."
Credit: secure@microsoft.com
Affected Software | Affected Version | How to fix |
---|---|---|
Microsoft Windows XP | =sp2 | |
Microsoft Windows XP | =sp3 | |
Microsoft Windows XP | =sp2 | |
Microsoft Windows Server 2003 | =sp2 | |
Microsoft Windows Server 2003 | =sp2 | |
Microsoft Windows Server | =sp2 | |
Microsoft Windows Server | ||
Microsoft Windows Server | ||
Microsoft Windows Server | =sp2 | |
Microsoft Windows Server | =sp2 | |
Microsoft Windows Server | =sp2 | |
Microsoft Windows Server | =sp2 | |
Microsoft Windows Vista | ||
Microsoft Windows Vista | ||
Microsoft Windows Vista | =sp1 | |
Microsoft Windows Vista | =sp2 | |
Microsoft Windows Vista | =sp1 | |
Microsoft Windows Vista | =sp2 | |
Microsoft Windows Vista | =sp2 | |
Microsoft Windows Vista | =sp1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2010-0812 has been rated as a critical vulnerability due to its potential to allow remote code execution.
To fix CVE-2010-0812, you should apply the latest security updates provided by Microsoft for the affected Windows versions.
CVE-2010-0812 affects Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista, and Windows Server 2008.
Yes, CVE-2010-0812 can be exploited remotely through a specially crafted ISATAP packet.
Exploitation of CVE-2010-0812 could lead to unauthorized actions performed on the vulnerable systems, including data theft and system compromise.