header-logo
Suggest Exploit
vendor:
Windows Vista
by:
Microsoft

Microsoft Windows SMBv2.0 Remote Code Execution Vulnerability

A remote code execution vulnerability exists in the Microsoft Server Message Block 2.0 (SMBv2) protocol due to improper handling of certain requests. An attacker who successfully exploited this vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

Mitigation:

Microsoft has released a security update to address this vulnerability.
Source

Exploit-DB raw data:

The following proof of concept is available:

smb: \> put aa%3Fbb