CVE-2011-2013

Name of the Vulnerable Software and Affected Versions Microsoft Windows versions prior to Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1

Description A remote code execution issue exists due to an integer overflow in the TCP/IP implementation, allowing attackers to execute arbitrary code by sending specially crafted UDP packets to a closed port. This could enable an attacker to run arbitrary code in kernel mode, potentially leading to the installation of programs, viewing, changing, or deleting data, or creating new accounts with full user rights.

Recommendations For Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1, update to a newer version that includes the fix for this issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.