允许远程经过身份验证的用户通过格式错误的请求,进行“SMB Pathname溢出漏洞”执行任意代码。
| Product | CPU Architecture | Version | Update | Tested |
|---|---|---|---|---|
| Windows 2000 | SP4 | |||
| Windows Server 2003 | SP2 | |||
| Windows 7 | ||||
| Windows Server 2008 | SP2 | |||
| Windows Server 2008 | R2 | |||
| Windows Server 2008 | ||||
| Windows Vista | ||||
| Windows Vista | SP1 | |||
| Windows Vista | SP2 | |||
| Windows Xp | SP2 | |||
| Windows Xp | SP3 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2010-0020
该漏洞并未进行测试,根目录留存着网络收集**[CVE编号].zip**的EXP或者POC,代码状态未知