CVE-2009-2505
기본정보
  • 공개일 : 2009-12-09
  • 변경일 : 2010-06-13
  • 위험도 : 낮음
  • 공격 범위 : 인터넷
  • 피해 유형 : 무결성 훼손, 기밀 유출, 가용성 침해
CVSS 평가 위험도: 10.0 (영향도: 10.0 익스플로잇: 10.0 )
설명

The Internet Authentication Service (IAS) in Microsoft Windows Vista SP2 and Server 2008 SP2 does not properly validate MS-CHAP v2 Protected Extensible Authentication Protocol (PEAP) authentication requests, which allows remote attackers to execute arbitrary code via crafted structures in a malformed request, aka "Internet Authentication Service Memory Corruption Vulnerability."
참조
취약 소프트웨어
  • Microsoft windows_server_2008 sp2
  • Microsoft windows_vista sp2:x64
  • Microsoft windows_server_2008 sp2:itanium
  • Microsoft windows_vista sp2
  • Microsoft windows_server_2008 sp2 x64
  • Microsoft windows_server_2008 sp2 x32