- Home
- CVEs with nessus.description==The version of the SMB client software installed on the remote Windows host is affected by two vulnerabilities that could allow arbitrary code execution :
- Improper validation of fields in SMB responses can lead to a pool corruption issue and in turn to arbitrary code execution with SYSTEM level privileges.
(CVE-2010-0016)
- Improper handling of a race condition involving SMB 'Negotiate' responses may allow a remote attacker to execute arbitrary code, cause a denial of service, or escalate his privileges. (CVE-2010-0017)
Note that successful exploitation of either issue requires an attacker to trick a user on the affected host into initiating an SMB connection to a malicious SMB server.
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top