Published: 14/04/2010 Updated: 30/10/2018

CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10

VMScore: 1000

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

The SMB client in Microsoft Windows Server 2008 R2 and Windows 7 does not properly validate fields in SMB transaction responses, which allows remote SMB servers and man-in-the-middle malicious users to execute arbitrary code or cause a denial of service (memory corruption and reboot) via a crafted (1) SMBv1 or (2) SMBv2 response, aka "SMB Client Transaction Vulnerability."

Vulnerable Product	Search on Vulmon	Subscribe to Product
microsoft windows 7
microsoft windows 7 -
microsoft windows server 2008

import sys,SocketServer # Windows 7/2008R2 SMB Client Trans2 stack overflow (MS10-020) # Date: 17/04/10 # Author: Laurent Gaffié # Tested on: Windows 7/2008R2 # CVE: CVE-2010-0270 # Full advisory: seclistsorg/fulldisclosure/2010/Apr/201 # More information: g-laurentblogspotcom/2010/04/ms10-020html # # Note from Exploit-DB: It ha ...

CWE-20 http://www.us-cert.gov/cas/techalerts/TA10-103A.html http://secunia.com/advisories/39372 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7164 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-020 https://nvd.nist.gov https://www.exploit-db.com/exploits/12273/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2010-0270

Vulnerability Summary

Vulnerability Trend

Exploits

References

Vulmon Search

About

Products

Connect