Content
(MS10-009) Microsoft Windows ICMPv6 Route Information Vulnerability (974145)
- Type
- Misconfiguration
- Impact of exploitation
- Remote Code Execution
- User Interaction
- no user interaction is needed
- Attack Vector
- Malicious remote network traffic
- Rating
- Medium
- CVE reference
- CVE-2010-0241,
- Vendor Status
- Responded and patched
- Vulnerable systems
- Windows Vista SP1,
- Windows Vista X64 SP1,
- Windows Server 2008 RTM,
- Summary
- A remote code execution vulnerability exists in the Windows TCP/IP stack.
Tab Navigation
Description
Microsoft Windows is an industry standard operating system. A remote code execution vulnerability exists in the Windows TCP/IP stack. The vulnerability is due to insufficient bounds checking when processing specially crafted ICMPv6 Route Information packets. An attacker to take control of the targeted system by sending specially crafted ICMPv6 Route Information packers to a machine with IPv6 enabled.
McAfee Product Mitigation & Recommendations
Recommendations
The vendor has released an update to address this issue. http://www.microsoft.com/technet/security/bulletin/ms10-009.mspx
McAfee Product Mitigation
McAfee Foundstone
- Signature:
- (MS10-009) Microsoft Windows ICMPv6 Route Information Vulnerability (974145)
- Signature identifier:
- 7869
- Release date:
- 2/9/2010
Additional Resources
(MS10-009) Microsoft Windows ICMPv6 Route Information Vulnerability (974145)
http://www.microsoft.com/technet/security/bulletin/ms10-009.mspx
All Information
Timeline -
2/9/2010
Vendor has provided a patch.
Description -
Microsoft Windows is an industry standard operating system. A remote code execution vulnerability exists in the Windows TCP/IP stack. The vulnerability is due to insufficient bounds checking when processing specially crafted ICMPv6 Route Information packets. An attacker to take control of the targeted system by sending specially crafted ICMPv6 Route Information packers to a machine with IPv6 enabled.
McAfee Product Mitigation & Recommendations
Recommendations -
The vendor has released an update to address this issue. http://www.microsoft.com/technet/security/bulletin/ms10-009.mspx
McAfee Product Mitigation
McAfee Foundstone
- Signature:
- (MS10-009) Microsoft Windows ICMPv6 Route Information Vulnerability (974145)
- Signature identifier:
- 7869
- Release date:
- 2/9/2010
Additional Resources
Additional Resources -
(MS10-009) Microsoft Windows ICMPv6 Route Information Vulnerability (974145)
http://www.microsoft.com/technet/security/bulletin/ms10-009.mspx
