exploitDog

GHSA-6r5q-pfqq-gh34

Опубликовано: 01 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 7.5

Описание

The DNS client in Microsoft Windows 2000 SP4, XP SP2, Server 2003 SP1 and SP2, and Vista uses predictable DNS transaction IDs, which allows remote attackers to spoof DNS responses.

The DNS client in Microsoft Windows 2000 SP4, XP SP2, Server 2003 SP1 and SP2, and Vista uses predictable DNS transaction IDs, which allows remote attackers to spoof DNS responses.

Ссылки

EPSS

Процентиль: 98%

0.56873

Средний

7.5 High

CVSS3

CVE ID

Дефекты

CWE-287

CWE-330

Связанные уязвимости

CVE-2008-0087

CVSS3: 7.5

nvd

почти 18 лет назад

The DNS client in Microsoft Windows 2000 SP4, XP SP2, Server 2003 SP1 and SP2, and Vista uses predictable DNS transaction IDs, which allows remote attackers to spoof DNS responses.

EPSS

Процентиль: 98%

0.56873

Средний

7.5 High

CVSS3

CVE ID

Дефекты

CWE-287

CWE-330