E10-49m01
CVSS:
5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)
False Positive:
f
Variants:
1
Year:
2010
Description
This strike exploits a denial of service vuln within SMB. An SMB Session Setup AndX request uses the SecurityBlobLength value to find the context after the Security Blob. If this value is overly large, the buffer pointer will point to uninitialized variable which can terminate a process.