Microsoft Windows Networking Multiple Vulnerabilities ( 11 August 2010 )
RISK: Medium Risk
1. IPv6 Memory Corruption Vulnerability
A denial of service vulnerability exists in TCP/IP processing in Microsoft Windows due to an error in the processing of specially crafted IPv6 packets with a malformed extension header. An attacker could exploit the vulnerability by sending the target system a small number of specially crafted packets, causing the affected system to stop responding.
2. Integer Overflow in Windows Networking Vulnerability
An elevation of privilege vulnerability exists in TCP/IP processing in Microsoft Windows due to an error in the processing of a specific input buffer. An attacker who successfully exploited this vulnerability could run arbitrary code with system-level privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
Impact
- Elevation of Privilege
System / Technologies affected
- Windows Vista
- Windows Server 2008
- Windows 7
- Windows Server 2008 R2
Solutions
Before installation of the software, please visit the software manufacturer web-site for more details.
Download locations for this patch
- Windows Vista Service Pack 1 and Windows Vista Service Pack 2
- Windows Vista x64 Edition Service Pack 1 and Windows Vista x64 Edition Service Pack 2
- Windows Server 2008 for 32-bit Systems and Windows Server 2008 for 32-bit Systems Service Pack 2
- Windows Server 2008 for x64-based Systems and Windows Server 2008 for x64-based Systems Service Pack 2
- Windows Server 2008 for Itanium-based Systems and Windows Server 2008 for Itanium-based Systems Service Pack 2
- Windows 7 for 32-bit Systems
- Windows 7 for x64-based Systems
- Windows Server 2008 R2 for x64-based Systems
- Windows Server 2008 R2 for Itanium-based Systems
Vulnerability Identifier
Source
Related Link
Share with