[Japanese]
|
JVNDB-2010-000031
|
Microsoft Windows denial of service (DoS) vulnerability
|
Microsoft Windows contains a denial of service (DoS) vulnerability.
Microsoft Windows contains a denial of service (DoS) vulnerability caused by IPv6 packets with malformed extension headers.
Darren Willis of Fourteenforty Research Institute Inc. reported this vulnerability to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
|
CVSS V2 Severity: Base Metrics 7.8 (High) [IPA Score]
- Access Vector: Network
- Access Complexity: Low
- Authentication: None
- Confidentiality Impact: None
- Integrity Impact: None
- Availability Impact: Complete
|
|
Microsoft Corporation
- Microsoft Windows 7
- Microsoft Windows 7 (x64)
- Microsoft Windows Server 2008
- Microsoft Windows Server 2008 (itanium)
- Microsoft Windows Server 2008 (x64)
- Microsoft Windows Server 2008 r2(itanium)
- Microsoft Windows Server 2008 r2(x64)
- Microsoft Windows Vista
- Microsoft Windows Vista (x64)
|
|
A remote attacker could possibly cause a denial of service (DoS) by sending specially crafted IPv6 packets.
|
[Update the software]
Update to the latest version according to the information provided by the developer.
|
Microsoft Corporation
FUJITSU
- FUJITSU Security Information : TA10-222A (Japanese)
|
- Improper Input Validation(CWE-20) [IPA Evaluation]
|
- CVE-2010-1892
|
- JVN : JVN#86832361
- National Vulnerability Database (NVD) : CVE-2010-1892
- US-CERT Cyber Security Alerts : SA10-222A
- US-CERT Technical Cyber Security Alert : TA10-222A
- SecurityFocus : 42251
- VUPEN Security : VUPEN/ADV-2010-2055
|
- [2010/08/13]
Web page published
|