VYPR
Unrated severityNVD Advisory· Published Sep 8, 2009· Updated Jun 16, 2026

CVE-2009-1925

CVE-2009-1925

Description

The TCP/IP implementation in Microsoft Windows Vista Gold, SP1, and SP2 and Server 2008 Gold and SP2 does not properly manage state information, which allows remote attackers to execute arbitrary code by sending packets to a listening service, and thereby triggering misinterpretation of an unspecified field as a function pointer, aka "TCP/IP Timestamps Code Execution Vulnerability."

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

16
  • cpe:2.3:o:microsoft:windows_2000:-:sp4:*:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_server_2008:*:*:itanium:*:*:*:*:*+ 6 more
    • cpe:2.3:o:microsoft:windows_server_2008:*:*:itanium:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_server_2008:-:sp2:itanium:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_server_2008:-:sp2:x64:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_server_2008:-:sp2:x86:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_server_2008:-:-:x32:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_server_2008:-:-:x64:*:*:*:*:*
    • (no CPE)range: Server 2008 Gold, SP2
  • Microsoft/Windows6 versions
    cpe:2.3:o:microsoft:windows_vista:*:*:*:*:*:*:*:*+ 5 more
    • cpe:2.3:o:microsoft:windows_vista:*:*:*:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_vista:*:sp1:*:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_vista:-:sp1:*:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_vista:*:sp2:*:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_vista:-:sp2:*:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_vista:-:-:x64:*:*:*:*:*
  • Range: Vista Gold, SP1, SP2

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.