| Check Point Reference: |
CPAI-2011-363 |
| Date Published: |
9 Aug 2011 |
| Severity: |
High
|
| Last Updated: |
Saturday 01 January, 2011 |
| Source: |
Microsoft Security Bulletin MS11-064 |
| Industry Reference: | CVE-2011-1965
CVE-2001-0852 |
| Protection Provided by: |
|
| Who is Vulnerable? | Windows 7 for 32-bit Systems
Windows 7 for 32-bit Systems Service Pack 1
Windows 7 for x64-based Systems
Windows 7 for x64-based Systems Service Pack 1
Windows Server 2008 R2 for x64-based Systems
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows Server 2008 R2 for Itanium-based Systems
Windows Server 2008 R2 for Itanium-based Systems Service Pack 1 |
| Vulnerability Description |
A denial of service (DoS) vulnerability has been reported in Microsoft Windows TCP/IP stack. An attacker could exploit this vulnerability to cause a DoS condition in an affected system. As a result, the system may become unresponsive and automatically reboot. |
| Update/Patch Avaliable | MS11-064 |
| Vulnerability Details | This is a denial of service vulnerability. The vulnerability exists due to improper handling of specially crafted URLs in memory by the TCP/IP stack. The issue occurs when URL-based Quality of Service (QoS) is enabled. A remote attacker could exploit this issue by sending a specially crafted URL request to an affected server. Successful exploitation may allow an attacker to cause a DoS condition in the target system. As a result, the system may become unresponsive and automatically reboot. |
Feedback