HTTP Protocol Stack Remote Code Execution Vulnerability (DOS)

Severity:: High

Description

A vulnerability in the Microsoft Windows HTTP Protocol Stack (HTTP.sys) allows remote attackers to execute arbitrary code or cause a system crash on the host operating system.

Recommendation

Immediately apply the latest security updates provided by Microsoft to mitigate this vulnerability. Regularly update your Windows systems to ensure they are protected against known security risks.

References

Microsoft: HTTP Protocol Stack Remote Code Execution Vulnerability
CVE-2021-31166
CAPEC-310
OWASP 2021-A6

Related Issues

Windows Path Disclosure - Vulnerability
Cross-Site Scripting in sanitize-html (GHSA-3j7m-hmh3-9jmp) - CVE-2016-1000237
Cross-Site Scripting in bootstrap-select (GHSA-9r7h-6639-v5mw) - Vulnerability
Improper Privilege Management in shelljs (GHSA-64g7-mvw6-v9qj) - Vulnerability

Tags:: DOS; Windows

Anything's wrong? Let us know Last updated on May 13, 2024