Vulnerability Details CVE-2011-1868
The Distributed File System (DFS) implementation in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 does not properly validate fields in DFS responses, which allows remote DFS servers to execute arbitrary code via a crafted response, aka "DFS Memory Corruption Vulnerability."
Exploit prediction scoring system (EPSS) score
EPSS Score 0.347
EPSS Ranking 96.8%
CVSS Severity
CVSS v2 Score 10.0
References
- http://secunia.com/advisories/44894
- http://www.securityfocus.com/bid/48180
- http://www.securitytracker.com/id?1025639
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-042
- https://exchange.xforce.ibmcloud.com/vulnerabilities/67726
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11758
- http://secunia.com/advisories/44894
- http://www.securityfocus.com/bid/48180
- http://www.securitytracker.com/id?1025639
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-042
- https://exchange.xforce.ibmcloud.com/vulnerabilities/67726
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11758
Products affected by CVE-2011-1868
-
cpe:2.3:o:microsoft:windows_2003_server:-
-
cpe:2.3:o:microsoft:windows_server_2003:-
-
cpe:2.3:o:microsoft:windows_server_2003:r2
-
cpe:2.3:o:microsoft:windows_xp:-
-
cpe:2.3:o:microsoft:windows_xp:unknown