Remote Code Execution Vulnerabilities in WINS - MS09-039ID: oval:org.secpod.oval:def:2290 | Date: (C)2011-09-09 (M)2022-10-10 |
Class: PATCH | Family: windows |
The host is missing a critical security update according to Microsoft security bulletin, MS09-039. The update is required to fix remote code execution vulnerabilities. The flaws are present in the Windows Internet Name Service (WINS), which fails to handle specially crafted WINS replication packet. Successful exploitation allows an attacker to execute arbitrary code.
Platform: |
Microsoft Windows 2000 |
Microsoft Windows Server 2003 |