Unrated severityNVD Advisory· Published Aug 12, 2009· Updated Jun 16, 2026
CVE-2009-1923
CVE-2009-1923
Description
Heap-based buffer overflow in the Windows Internet Name Service (WINS) component for Microsoft Windows 2000 SP4 and Server 2003 SP2 allows remote attackers to execute arbitrary code via a crafted WINS replication packet that triggers an incorrect buffer-length calculation, aka "WINS Heap Overflow Vulnerability."
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
7cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*
- (no CPE)range: SP4
cpe:2.3:o:microsoft:windows_2003_server:-:sp2:*:*:*:*:*:*+ 3 more
- cpe:2.3:o:microsoft:windows_2003_server:-:sp2:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_2003_server:-:sp2:itanium:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_2003_server:-:sp2:x64:*:*:*:*:*
- (no CPE)range: SP2
- Range: 2000 SP4 and Server 2003 SP2
Patches
Vulnerability mechanics
References
3News mentions
0No linked articles in our index yet.