What is CVE-2011-0654?

CVE-2011-0654 is a vulnerability in Microsoft Windows_2003_server, classified under Improper Restriction of Operations within the Bounds of a Memory Buffer. Published 2011-02-16.

Is CVE-2011-0654 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Buffer overflow in Microsoft Windows_2003_server

CVE-2011-0654

Integer underflow in the BowserWriteErrorLogEntry function in the Common Internet File System (CIFS) browser service in Mrxsmb.sys or bowser.sys in Active Directory in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vist…

Vulnerability class: Buffer Overflow

EPSS: 0.781 (99.0th percentile) — read the EPSS interpretation.

Affected products

Weakness classification (CWE)

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer

Public proof-of-concept exploits

rapid7/metasploit-framework

References

secure@microsoft.com (x_refsource_CONFIRM)
TA11-102A (US Government Resource, x_refsource_CERT, third-party-advisory)
VU#323172 (x_refsource_CERT-VN, US Government Resource, third-party-advisory)
16166 (Exploit, exploit, x_refsource_EXPLOIT-DB)
ADV-2011-0394 (vdb-entry, x_refsource_VUPEN, Vendor Advisory)
secure@microsoft.com (x_refsource_CONFIRM)
1025328 (vdb-entry, x_refsource_SECTRACK)
20110214 MS Windows Server 2003 AD Pre-Auth BROWSER ELECTION Remote Heap Overflow (mailing-list, x_refsource_FULLDISC)
46360 (Exploit, vdb-entry, x_refsource_BID)
ADV-2011-0938 (vdb-entry, x_refsource_VUPEN, Vendor Advisory)

Frequently asked questions

What is CVE-2011-0654?: CVE-2011-0654 is a vulnerability in Microsoft Windows_2003_server, classified under Improper Restriction of Operations within the Bounds of a Memory Buffer. Published 2011-02-16.
Is CVE-2011-0654 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.