Detections
Analytics

CVE-2011-1868

critical

Description

The Distributed File System (DFS) implementation in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 does not properly validate fields in DFS responses, which allows remote DFS servers to execute arbitrary code via a crafted response, aka "DFS Memory Corruption Vulnerability."

References

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11758

https://exchange.xforce.ibmcloud.com/vulnerabilities/67726

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-042

http://www.securitytracker.com/id?1025639

http://www.securityfocus.com/bid/48180

http://secunia.com/advisories/44894

Details

Source: Mitre, NVD

Published: 2011-06-16

Updated: 2025-04-11

Risk Information

CVSS v2

Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Severity: Critical

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical

EPSS

EPSS: 0.34714