CVE-2008-0087
Description
The DNS client in Microsoft Windows 2000 SP4, XP SP2, Server 2003 SP1 and SP2, and Vista uses predictable DNS transaction IDs, which allows remote attackers to spoof DNS responses.
Risk Information
Base Score
7.5
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS Score
Exploitation Probability
56.873
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Security Update for Windows 2000 (KB945553) | Windows |
| Security Update for Windows XP (KB945553) | Windows |
| Security Update for Windows Server 2003 (KB945553) x86 based systems | Windows |
| Security Update for Windows Server 2003 (KB945553) x86 based systems for SP2 | Windows |
| Security Update for Windows Vista (KB945553) | Windows |
| Security Update for Windows XP x64 Edition (KB945553) | Windows |
| Security Update for Windows Server 2003 x64 Edition (KB945553) | Windows |
| Security Update for Windows Server 2003 x64 Edition (KB945553) for SP2 | Windows |
| Security Update for Windows Vista for x64-based Systems (KB945553) | Windows |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234