CVE-2007-0069

Severity

93%

Complexity

86%

Confidentiality

165%

Unspecified vulnerability in the kernel in Microsoft Windows XP SP2, Server 2003, and Vista allows remote attackers to cause a denial of service (CPU consumption) and possibly execute arbitrary code via crafted (1) IGMPv3 and (2) MLDv2 packets that trigger memory corruption, aka "Windows Kernel TCP/IP/IGMPv3 and MLDv2 Vulnerability."

Unspecified vulnerability in the kernel in Microsoft Windows XP SP2, Server 2003, and Vista allows remote attackers to cause a denial of service (CPU consumption) and possibly execute arbitrary code via crafted (1) IGMPv3 and (2) MLDv2 packets that trigger memory corruption, aka "Windows Kernel TCP/IP/IGMPv3 and MLDv2 Vulnerability."

CVSS 2.0 Base Score 9.3. CVSS Attack Vector: network. CVSS Attack Complexity: medium. CVSS Vector: (AV:N/AC:M/Au:N/C:C/I:C/A:C).

Overview

Type

Microsoft Windows

First reported 17 years ago

2008-01-08 20:46:00

Last updated 6 years ago

2018-10-16 16:31:00

Affected Software

Microsoft Windows Server 2003

Microsoft Windows Vista

Microsoft Windows XP Service Pack 2

References

http://blogs.technet.com/swi/archive/2008/01/08/ms08-001-part-3-the-case-of-the-igmp-network-critical.aspx

28297

Patch, Vendor Advisory

1019166

20070108 Multiple (3) Microsoft Windows TCP/IP Remote Code Execution and DoS Vulnerabilities

VU#115083

US Government Resource

SSRT080003

27100

TA08-008A

US Government Resource

ADV-2008-0069

Vendor Advisory

MS08-001

win-ssm-igmp-bo(39452)

win-ssm-mld-bo(39453)

oval:org.mitre.oval:def:5370

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.