CVE-2009-2526 Information

Description

Microsoft Windows Vista Gold SP1 and SP2 and Server 2008 Gold and SP2 do not properly validate fields in SMBv2 packets which allows remote attackers to cause a denial of service (infinite loop and system hang) via a crafted packet to the Server service aka \SMBv2 Infinite Loop Vulnerability.\

Reference

http://www.us-cert.gov/cas/techalerts/TA09-286A.html https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-050 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A5595