MS13-018 Vulnerability in Windows TCP/IP Could Allow Denial Of Service
2013-02-12 This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow denial of service if an unauthenticated attacker sends a specially crafted connection termination packet to the server.
Vulnerabilities addressed in this bulletin:
Bulletin details at Microsoft.com
Vulnerabilities addressed in this bulletin:
- TCP FIN WAIT Vulnerability
- A denial of service vulnerability exists in the Windows TCP/IP stack that could cause the target system to stop responding and automatically restart. The vulnerability is caused when the TCP/IP stack improperly handles a connection termination sequence.
CVE-2013-0075
Bulletin details at Microsoft.com
Related CVE Entries
The TCP/IP implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, Windows Server 2012, and Windows RT allows remote attackers to cause a denial of service (reboot) via a crafted packet that terminates a TCP connection, aka "TCP FIN WAIT Vulnerability."
Max CVSS
7.8
EPSS Score
87.51%
Published
2013-02-13
Updated
2023-12-07