New Search

SMBv2 Infinite Loop Vulnerability

oval:org.mitre.oval:def:5595

Microsoft Windows Vista Gold SP1 and SP2 and Server 2008 Gold and SP2 do not properly validate fields in SMBv2 packets which allows remote attackers to cause a denial of service (infinite loop and system hang) via a crafted packet to the Server service aka "SMBv2 Infinite Loop Vulnerability."

Family:
windows
Status:
ACCEPTED
Platform(s):
  • Microsoft Windows Server 2008
  • Microsoft Windows Vista
Class:
vulnerability
Reference(s):
  • CVE-2009-2526
Product(s):
  • SMBv2