| Vulnerability Name: | CVE-2001-0721 (CCN-7428) | ||||||||
| Assigned: | 2001-11-01 | ||||||||
| Published: | 2001-11-01 | ||||||||
| Updated: | 2018-10-12 | ||||||||
| Summary: | Universal Plug and Play (UPnP) in Windows 98, 98SE, ME, and XP allows remote attackers to cause a denial of service (memory consumption or crash) via a malformed UPnP request. | ||||||||
| CVSS v3 Severity: | 5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
| ||||||||
| CVSS v2 Severity: | 5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)
| ||||||||
| Vulnerability Type: | CWE-Other | ||||||||
| Vulnerability Consequences: | Denial of Service | ||||||||
| References: | Source: CCN Type: BugTraq Mailing List, Thu Nov 01 2001 - 21:07:03 CST Three Windows XP UPNP DOS attacks Source: MITRE Type: CNA CVE-2001-0721 Source: BUGTRAQ Type: UNKNOWN 20011101 Three Windows XP UPNP DOS attacks Source: BUGTRAQ Type: UNKNOWN 20011109 Important Information Regarding MS01-054 and WindowsME Source: CCN Type: CIAC Information Bulletin M-015 Microsoft Universal Plug and Play Request Vulnerability Source: CCN Type: Microsoft Security Bulletin MS01-054 Invalid Universal Plug and Play Request can Disrupt System Operation Source: CCN Type: Microsoft Security Bulletin MS01-059 Unchecked Buffer in Universal Plug and Play can Lead to System Compromise Source: CCN Type: OSVDB ID: 13959 Microsoft Windows Universal Plug and Play (UPnP) Malformed Request DoS Source: CCN Type: BID-3499 Microsoft UPnP Denial of Service Vulnerability Source: MS Type: UNKNOWN MS01-054 Source: XF Type: UNKNOWN win-upnp-dos(7428) Source: CCN Type: Microsoft Knowledge Base Article 309073 Invalid Universal Plug and Play Request can Disrupt System Operation Source: CCN Type: Microsoft Knowledge Base Article 309521 Windows XP Update Package, October 25, 2001 | ||||||||
| Vulnerable Configuration: | Configuration 1: Configuration CCN 1:  Denotes that component is vulnerable | ||||||||
| BACK | |||||||||