关于 CVE-2010-0240 的漏洞信息

1. 漏洞描述
From NVD
The TCP/IP implementation in Microsoft Windows Vista Gold, SP1, and SP2 and Server 2008 Gold and SP2, when a custom network driver is used, does not properly handle local fragmentation of Encapsulating Security Payload (ESP) over UDP packets, which allows remote attackers to execute arbitrary code via crafted packets, aka "Header MDL Fragmentation Vulnerability."
From 神龙GPT (AIGC)
在Microsoft Windows Vista Gold、SP1和SP2以及Server 2008 Gold和SP2中使用自定义网络驱动程序时,TCP/IP实现未正确处理包中封装安全payload(ESP)的局部碎片化,这允许远程攻击者通过精心构造的 packets 执行任意代码,也被称为“Header MDL Fragmentation Vulnerability”。
2. 漏洞评分(CVSS)
From NVD
NVD 暂无评分
From 神龙GPT (AIGC)
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
3. 漏洞类别
From NVD
NVD 暂无漏洞类别信息
From 神龙GPT (AIGC)
神龙GPT 暂无漏洞类别信息(请耐心等待)
Reference