10

CVE-2007-5351

Unspecified vulnerability in Server Message Block Version 2 (SMBv2) signing support in Microsoft Windows Vista allows remote attackers to force signature re-computation and execute arbitrary code via a crafted SMBv2 packet, aka "SMBv2 Signing Vulnerability."
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
MicrosoftWindows Vista Updategold
MicrosoftWindows Vista Updategold Editionx64
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 41.24% 0.985
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 10 10 10
AV:N/AC:L/Au:N/C:C/I:C/A:C
CWE-94 Improper Control of Generation of Code ('Code Injection')

The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.

http://www.securityfocus.com/archive/1/485268/100/0/threaded
http://www.us-cert.gov/cas/techalerts/TA07-345A.html
US Government Resource
http://secunia.com/advisories/27997
Vendor Advisory
http://www.kb.cert.org/vuls/id/520465
US Government Resource
http://www.securityfocus.com/bid/26777
http://www.securitytracker.com/id?1019072
http://www.vupen.com/english/advisories/2007/4179
Vendor Advisory
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-063
https://exchange.xforce.ibmcloud.com/vulnerabilities/38725
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4208