High severity7.5NVD Advisory· Published Apr 8, 2008· Updated Jun 16, 2026
CVE-2008-0087
CVE-2008-0087
Description
The DNS client in Microsoft Windows 2000 SP4, XP SP2, Server 2003 SP1 and SP2, and Vista uses predictable DNS transaction IDs, which allows remote attackers to spoof DNS responses.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
9- cpe:2.3:o:microsoft:windows_2000:-:sp4:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_xp:-:-:*:*:professional:*:x64:*+ 2 more
- cpe:2.3:o:microsoft:windows_xp:-:-:*:*:professional:*:x64:*
- cpe:2.3:o:microsoft:windows_xp:-:sp2:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_xp:-:sp2:*:*:professional:*:x64:*
Patches
Vulnerability mechanics
References
10- www.securityfocus.com/bid/28553nvdBroken LinkPatchThird Party AdvisoryVDB Entry
- docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-020nvdPatchVendor Advisory
- marc.infonvdMailing ListThird Party Advisory
- secunia.com/advisories/29696nvdBroken LinkThird Party Advisory
- www.securityfocus.com/archive/1/490575/100/0/threadednvdBroken LinkThird Party AdvisoryVDB Entry
- www.securitytracker.com/idnvdBroken LinkThird Party AdvisoryVDB Entry
- www.us-cert.gov/cas/techalerts/TA08-099A.htmlnvdBroken LinkThird Party AdvisoryUS Government Resource
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5314nvdBroken LinkThird Party Advisory
- www.trusteer.com/docs/windowsresolver.htmlnvdBroken Link
- www.vupen.com/english/advisories/2008/1144/referencesnvdBroken Link
News mentions
0No linked articles in our index yet.