CVE-2010-0239

Name of the Vulnerable Software and Affected Versions Microsoft Windows Vista versions Gold, SP1, and SP2 Microsoft Windows Server 2008 versions Gold and SP2

Description A remote code execution issue exists due to insufficient bounds checking when processing specially crafted ICMPv6 Router Advertisement packets. This allows an anonymous attacker to execute arbitrary code via crafted packets. An attacker who successfully exploits this issue could take complete control of an affected system, enabling them to install programs, view, change, or delete data, or create new accounts with full user rights.

Recommendations For Microsoft Windows Vista versions Gold, SP1, and SP2, update to a version that includes the fix for this issue. For Microsoft Windows Server 2008 versions Gold and SP2, update to a version that includes the fix for this issue. As a temporary workaround, consider disabling IPv6 until a patch is available.