RCE in Microsoft Windows_server_2008
CVE-2010-0239
The TCP/IP implementation in Microsoft Windows Vista Gold, SP1, and SP2 and Server 2008 Gold and SP2, when IPv6 is enabled, does not properly perform bounds checking on ICMPv6 Router Advertisement packets, which allows remote attackers to…
Vulnerability class: RCE (Remote Code Execution)
EPSS: 0.613 (99.0th percentile) — read the EPSS interpretation.
Affected products
- Microsoft Windows_server_2008
- Microsoft Windows_vista
- N/a — versions n/a
Weakness classification (CWE)
References
- TA10-040A (US Government Resource, x_refsource_CERT, third-party-advisory)
- MS10-009 (x_refsource_MS, vendor-advisory)
- oval:org.mitre.oval:def:8478 (signature, x_refsource_OVAL, vdb-entry)