Vulnerability Note VU#323172
Microsoft Windows browser election message kernel pool overflow
A vulnerability exists in the way the Microsoft Windows browser service handles Browser Election messages.
"The browser service maintains a list of the domain name or workgroup name the computer is in, and the protocol being used for each computer on the network segment being served by the computer running the browser service. On each network segment, a master browser is elected from the group of computers located on the segment that are running the browser service."
Using a specially crafted Browser Election message, an attacker may be able to cause a Denial of Service (DoS) or execute arbitrary code.
Apply an update
Vendor Information (Learn More)
|Vendor||Status||Date Notified||Date Updated|
|Microsoft Corporation||Affected||-||15 Apr 2011|
CVSS Metrics (Learn More)
This document was written by David Warren.
- CVE IDs: Unknown
- Date Public: 14 Feb 2011
- Date First Published: 16 Feb 2011
- Date Last Updated: 15 Apr 2011
- Severity Metric: 18.73
- Document Revision: 17
If you have feedback, comments, or additional information about this vulnerability, please send us email.