ByteOS Network

NVD Vulnerability Details :

CVE-2009-1926

Modified

Source-secure@microsoft.com

Published At-08 Sep, 2009 | 22:30

Updated At-07 Dec, 2023 | 18:38

Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allow remote attackers to cause a denial of service (TCP outage) via a series of TCP sessions that have pending data and a (1) small or (2) zero receive window size, and remain in the FIN-WAIT-1 or FIN-WAIT-2 state indefinitely, aka "TCP/IP Orphaned Connections Vulnerability."

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Metrics

Type	Version	Base score	Base severity	Vector
Primary	2.0	7.8	HIGH	AV:N/AC:L/Au:N/C:N/I:N/A:C

Hyperlink	Source	Resource
http://osvdb.org/57797	secure@microsoft.com	N/A
http://www.recurity-labs.com/content/pub/Microsoft_Windows_CVE-2009-1926	secure@microsoft.com	N/A
http://www.securityfocus.com/archive/1/506331/100/0/threaded	secure@microsoft.com	N/A
http://www.securityfocus.com/bid/36269	secure@microsoft.com	N/A
http://www.us-cert.gov/cas/techalerts/TA09-251A.html	secure@microsoft.com	US Government Resource
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-048	secure@microsoft.com	N/A
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5965	secure@microsoft.com	N/A

CISA Catalog

Metrics

CPE Matches

Weaknesses

Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References

Change History