Oval Definition:oval:org.mitre.oval:def:12087
Revision Date:2012-03-26Version:24
Title:Integer Overflow in Windows Networking Vulnerability
Description:Integer overflow in the TCP/IP stack in Microsoft Windows Vista SP1, Windows Server 2008 Gold and R2, and Windows 7 allows local users to gain privileges via a buffer of user-mode data that is copied to kernel mode, aka "Integer Overflow in Windows Networking Vulnerability."
Family:windowsClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2010-1893
Platform(s):Microsoft Windows 7
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Vista
Product(s):
Definition Synopsis
  • Windows Vista x86/x64 SP1, Windows Server 2008 x86/x64/ia64
  • Microsoft Windows Vista (32-bit) Service Pack 1 is installed
  • OR Microsoft Windows Vista x64 Edition Service Pack 1 is installed
  • OR Microsoft Windows Server 2008 (32-bit) is installed
  • OR Microsoft Windows Server 2008 (64-bit) is installed
  • OR Microsoft Windows Server 2008 (ia-64) is installed
  • AND GDR or LDR Service branch
  • The version of Tcpip.sys is less than 6.0.6001.18493
  • OR LDR
  • the version of Tcpip.sys is greater than or equal 6.0.6001.22000
  • AND The version of Tcpip.sys is less than 6.0.6001.22713
  • OR Windows 7 x86/x64, Windows Server 2008 R2 x64/ia64
  • Microsoft Windows 7 (32-bit) is installed
  • OR Microsoft Windows 7 x64 Edition is installed
  • OR Microsoft Windows Server 2008 R2 x64 Edition is installed
  • OR Microsoft Windows Server 2008 R2 Itanium-Based Edition is installed
  • AND GDR or LDR Service branch
  • The version of Tcpip.sys is less than 6.1.7600.16610
  • OR LDR
  • The version of Tcpip.sys is greater than or equal 6.1.7600.20000
  • AND The version of Tcpip.sys is less than 6.1.7600.20733
    • BACK