关于 CVE-2010-0477 的漏洞信息

1. 漏洞描述
From NVD
The SMB client in Microsoft Windows Server 2008 R2 and Windows 7 does not properly handle (1) SMBv1 and (2) SMBv2 response packets, which allows remote SMB servers and man-in-the-middle attackers to execute arbitrary code via a crafted packet that causes the client to read the entirety of the response, and then improperly interact with the Winsock Kernel (WSK), aka "SMB Client Message Size Vulnerability."
From 神龙GPT (AIGC)
微软Windows Server 2008 R2和Windows 7中的SMB客户端未能正确处理(1)SMBv1和(2)SMBv2响应包,这导致远程SMB服务器和中间人攻击者通过构造的包执行任意代码,从而使客户端读取整个响应,然后 improperly与Winsock内核(WSK)交互,aka "SMB客户端消息大小漏洞"。
2. 漏洞评分(CVSS)
From NVD
NVD 暂无评分
From 神龙GPT (AIGC)
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
3. 漏洞类别
From NVD
NVD 暂无漏洞类别信息
From 神龙GPT (AIGC)
神龙GPT 暂无漏洞类别信息(请耐心等待)
Reference