The SMB client in Microsoft Windows Server 2008 R2 and Windows 7 does not properly handle (1) SMBv1 and (2) SMBv2 response packets, which allows remote SMB servers and man-in-the-middle attackers to execute arbitrary code via a crafted packet that causes the client to read the entirety of the response, and then improperly interact with the Winsock Kernel (WSK), aka "SMB Client Message Size Vulnerability."

微软Windows Server 2008 R2和Windows 7中的SMB客户端未能正确处理(1)SMBv1和(2)SMBv2响应包，这导致远程SMB服务器和中间人攻击者通过构造的包执行任意代码，从而使客户端读取整个响应，然后 improperly与Winsock内核(WSK)交互，aka "SMB客户端消息大小漏洞"。

NVD 暂无评分

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

NVD 暂无漏洞类别信息

神龙GPT 暂无漏洞类别信息（请耐心等待）