Intrusion Prevention

MS.Windows.SMB.Request.Code.Execution

Description

This indicates an attempt to exploit a memory-corruption vulnerability in the Microsoft Windows implementation of the Microsoft Server Message Block (SMB) 2.0 protocol.
The vulnerability is caused by an error that occurs when the vulnerable software handles a malformed NEGOTIATE PROTOCOL request. A remote attacker could exploit this vulnerability to execute arbitrary code.

Affected Products

Microsoft Windows Vista
Microsoft Windows Server 2008

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

CVE References

CVE-2009-3103