The TCP/IP implementation in Microsoft Windows Vista Gold, SP1, and SP2 and Server 2008 Gold and SP2, when a custom network driver is used, does not properly handle local fragmentation of Encapsulating Security Payload (ESP) over UDP packets, which allows remote attackers to execute arbitrary code via crafted packets, aka "Header MDL Fragmentation Vulnerability."

在Microsoft Windows Vista Gold、SP1和SP2以及Server 2008 Gold和SP2中使用自定义网络驱动程序时，TCP/IP实现未正确处理包中封装安全payload(ESP)的局部碎片化，这允许远程攻击者通过精心构造的 packets 执行任意代码，也被称为“Header MDL Fragmentation Vulnerability”。

NVD 暂无评分

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

NVD 暂无漏洞类别信息

神龙GPT 暂无漏洞类别信息（请耐心等待）