Vulnerability Details CVE-2009-2526
Microsoft Windows Vista Gold, SP1, and SP2 and Server 2008 Gold and SP2 do not properly validate fields in SMBv2 packets, which allows remote attackers to cause a denial of service (infinite loop and system hang) via a crafted packet to the Server service, aka "SMBv2 Infinite Loop Vulnerability."
Exploit prediction scoring system (EPSS) score
EPSS Score 0.808
EPSS Ranking 99.1%
CVSS Severity
CVSS v2 Score 7.8
Products affected by CVE-2009-2526
-
cpe:2.3:o:microsoft:windows_server_2008:-
-
cpe:2.3:o:microsoft:windows_server_2008:r2
-
cpe:2.3:o:microsoft:windows_vista:-