SMB Client Response Parsing Vulnerability

  Severity: CRITICAL
  CVE Identifier: CVE-2010-0476
  Advisory Date: JUL 21, 2015

  DESCRIPTION

The SMB client in Microsoft Windows Server 2003 SP2, Vista Gold, SP1, and SP2, and Windows Server 2008 Gold and SP2 allows remote SMB servers and man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and reboot) via a crafted SMB transaction response that uses (1) SMBv1 or (2) SMBv2, aka "SMB Client Response Parsing Vulnerability."

  TREND MICRO PROTECTION INFORMATION

Apply associated Trend Micro DPI Rules.

  SOLUTION

  Trend Micro Deep Security DPI Rule Number: 1004096
  Trend Micro Deep Security DPI Rule Name: 1004096 - SMB Client Response Parsing Vulnerability

  AFFECTED SOFTWARE AND VERSION

  • microsoft windows_2003_server
  • microsoft windows_7 -
  • microsoft windows_server_2003
  • microsoft windows_server_2008
  • microsoft windows_server_2008 -
  • microsoft windows_vista
  • microsoft windows_vista -

Featured Stories