CVE-2011-1965

Name of the Vulnerable Software and Affected Versions Microsoft Windows versions prior to the fixed version Microsoft Windows Server versions prior to the fixed version

Description A denial of service issue exists due to improper handling of URLs in memory when URL-based Quality of Service (QoS) is enabled. This allows remote attackers to cause a denial of service (reboot) via a crafted URL to a web server. An attacker who successfully exploits this issue could cause the target system to stop responding and automatically restart.

Recommendations For Microsoft Windows 7 Gold and SP1, update to a version that includes the fix for this issue. For Microsoft Windows Server 2008 R2 and R2 SP1, update to a version that includes the fix for this issue. As a temporary workaround, consider disabling URL-based QoS to minimize the risk of exploitation.