CVE-2009-2512

Name of the Vulnerable Software and Affected Versions Windows Vista versions Gold, SP1, and SP2 Windows Server 2008 versions Gold and SP2

Description A remote code execution issue exists due to improper processing of WSD message headers by the Web Services on Devices API (WSDAPI). This allows remote attackers to execute arbitrary code via a crafted message or response. The vulnerability is caused by the service not properly handling a WSDAPI message with a specially crafted header, which could allow an attacker to take complete control of an affected system.

Recommendations For Windows Vista versions Gold, SP1, and SP2: Apply the necessary patch to fix the Web Services on Devices API (WSDAPI) memory corruption issue. For Windows Server 2008 versions Gold and SP2: Apply the necessary patch to fix the Web Services on Devices API (WSDAPI) memory corruption issue.