New Search

SChannel Malformed Certificate Request Remote Code Execution Vulnerability

oval:org.mitre.oval:def:11787

The Secure Channel (aka SChannel) security package in Microsoft Windows XP SP2 and SP3 and Windows Server 2003 SP2 does not properly validate certificate request messages from TLS and SSL servers which allows remote servers to execute arbitrary code via a crafted SSL response aka "SChannel Malformed Certificate Request Remote Code Execution Vulnerability."

Family:
windows
Status:
ACCEPTED
Platform(s):
  • Microsoft Windows Server 2003
  • Microsoft Windows XP
  • Microsoft Windows 2000
Class:
vulnerability
Reference(s):
  • CVE-2010-2566
Product(s):