Vulnerability In SMBv2 Could Allow Remote Code Execution (942624) Network Vulnerability

Summary

This host is missing a critical security update according to Microsoft Bulletin MS07-063.

Impact

Successful exploitation allows remote attackers to execute arbitrary code in the context of logged-in users. Impact Level: System/Application

Solution

Run Windows Update and update the listed hotfixes or download and update mentioned hotfixes in the advisory from the below link, http://www.microsoft.com/technet/security/bulletin/ms07-063.mspx

Insight

The flaw is due to an improper implementation of SMBv2 signing and can be exploited to execute arbitrary code by spoofing the signature in a SMBv2 packet to a trusted host.

Affected

Microsoft Windows Vista.

References

http://secunia.com/advisories/27997
http://securitytracker.com/alerts/2007/Dec/1019072.html
http://www.microsoft.com/technet/security/bulletin/ms07-063.mspx
http://xforce.iss.net/xforce/xfdb/38725

Updated on 2015-03-25

Severity

Classification

CVE CVE-2007-5351

CVSS	Base Score: 10.0 AV:N/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Microsoft Groove Remote Code Execution Vulnerability (2494047)
Microsoft Foundation Class (MFC) Library Remote Code Execution Vulnerability (2500212)
Microsoft DirectShow Remote Code Execution Vulnerability (2845187)
Cumulative Security Update for Internet Explorer (958215)
Microsoft Internet Explorer HTML Rendering Remote Memory Corruption Vulnerability (944533)

Vulnerability in SMBv2 Could Allow Remote Code Execution (942624)

Take action and discover your vulnerabilities