PT-2017-2427 · Microsoft · Gpkcsp.Dll+2

Publicado

2017-06-22

Atualizado

2019-10-24

CVE-2017-0176

CVSS v2.0

9.3

Alta

Vetor

AV:N/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Microsoft Windows XP versions prior to SP3 Microsoft Windows Server 2003 versions prior to SP2

Description A buffer overflow in the Smart Card authentication code in gpkcsp.dll allows a remote attacker to execute arbitrary code on the target computer. This issue affects computers that are part of a Windows domain and have Remote Desktop Protocol connectivity or Terminal Services enabled.

Recommendations For Microsoft Windows XP versions prior to SP3, update to SP3 or a later service pack to resolve the issue. For Microsoft Windows Server 2003 versions prior to SP2, update to SP2 or a later service pack to resolve the issue.

Exploit

Correção

Buffer Overflow

Improper Access Control

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-120CWE-284

Identificadores relacionados

BDU:2017-01632

CVE-2017-0176

Produtos afetados

Windows Server 2003

Windows Xp

Gpkcsp.Dll

PT-2017-2427 · Microsoft · Gpkcsp.Dll+2

CVE-2017-0176

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 8