Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2001-0876

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2001-0876
Last Modified 05 Sep 2008 04:25:08
Published 20 Dec 2001 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2001-0876

Summary

Buffer overflow in Universal Plug and Play (UPnP) on Windows 98, 98SE, ME, and XP allows remote attackers to execute arbitrary code via a NOTIFY directive with a long Location URL.

Vulnerable Systems

Operating System

  • Microsoft Windows 98

  • Microsoft Windows 98se

  • Microsoft Windows Me

  • Microsoft Windows Xp


References

CERT - CA-2001-37

CERT-VN - VU#951555

XF - win-upnp-notify-bo(7721)

BID - 3723

MS - MS01-059

BUGTRAQ - 20011220 Multiple Remote Windows XP/ME/98 Vulnerabilities

CIAC - M-030


Last Updated: 27 May 2016 10:36:26