Vulnerability Details CVE-2008-3648
nslookup.exe in Microsoft Windows XP SP2 allows user-assisted remote attackers to execute arbitrary code, as demonstrated by an attempted DNS zone transfer, and as exploited in the wild in August 2008.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.423
EPSS Ranking 97.4%
CVSS Severity
CVSS v2 Score 9.3
References
- http://packetstormsecurity.org/0808-advisories/Nslookup-Crash.txt
- http://www.nullcode.com.ar/ncs/crash/nsloo.htm
- http://www.securityfocus.com/bid/30636
- http://www.securitytracker.com/id?1020711
- https://exchange.xforce.ibmcloud.com/vulnerabilities/44423
- http://packetstormsecurity.org/0808-advisories/Nslookup-Crash.txt
- http://www.nullcode.com.ar/ncs/crash/nsloo.htm
- http://www.securityfocus.com/bid/30636
- http://www.securitytracker.com/id?1020711
- https://exchange.xforce.ibmcloud.com/vulnerabilities/44423
Products affected by CVE-2008-3648
-
cpe:2.3:o:microsoft:windows_xp:-