High severity7.5NVD Advisory· Published Apr 8, 2008· Updated Apr 23, 2026
CVE-2008-0087
CVE-2008-0087
Description
The DNS client in Microsoft Windows 2000 SP4, XP SP2, Server 2003 SP1 and SP2, and Vista uses predictable DNS transaction IDs, which allows remote attackers to spoof DNS responses.
Affected products
7- cpe:2.3:o:microsoft:windows_2000:-:sp4:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_vista:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_xp:-:-:*:*:professional:*:x64:*+ 2 more
- cpe:2.3:o:microsoft:windows_xp:-:-:*:*:professional:*:x64:*
- cpe:2.3:o:microsoft:windows_xp:-:sp2:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_xp:-:sp2:*:*:professional:*:x64:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
10- www.securityfocus.com/bid/28553nvdBroken LinkPatchThird Party AdvisoryVDB Entry
- docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-020nvdPatchVendor Advisory
- marc.infonvdMailing ListThird Party Advisory
- secunia.com/advisories/29696nvdBroken LinkThird Party Advisory
- www.securityfocus.com/archive/1/490575/100/0/threadednvdBroken LinkThird Party AdvisoryVDB Entry
- www.securitytracker.com/idnvdBroken LinkThird Party AdvisoryVDB Entry
- www.us-cert.gov/cas/techalerts/TA08-099A.htmlnvdBroken LinkThird Party AdvisoryUS Government Resource
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5314nvdBroken LinkThird Party Advisory
- www.trusteer.com/docs/windowsresolver.htmlnvdBroken Link
- www.vupen.com/english/advisories/2008/1144/referencesnvdBroken Link
News mentions
0No linked articles in our index yet.