VYPR
Unrated severityNVD Advisory· Published Oct 14, 2009· Updated Jun 16, 2026

CVE-2009-2526

CVE-2009-2526

Description

Microsoft Windows Vista Gold, SP1, and SP2 and Server 2008 Gold and SP2 do not properly validate fields in SMBv2 packets, which allows remote attackers to cause a denial of service (infinite loop and system hang) via a crafted packet to the Server service, aka "SMBv2 Infinite Loop Vulnerability."

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

16
  • cpe:2.3:o:microsoft:windows_server_2008:-:*:*:*:*:*:*:*+ 7 more
    • cpe:2.3:o:microsoft:windows_server_2008:-:*:*:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_server_2008:*:*:itanium:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_server_2008:-:sp2:itanium:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_server_2008:-:sp2:x64:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_server_2008:-:sp2:x86:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_server_2008:*:*:x32:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_server_2008:*:*:x64:*:*:*:*:*
  • Microsoft/Windows6 versions
    cpe:2.3:o:microsoft:windows_vista:*:*:*:*:*:*:*:*+ 5 more
    • cpe:2.3:o:microsoft:windows_vista:*:*:*:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_vista:*:sp1:*:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_vista:-:sp1:*:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_vista:*:sp2:*:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_vista:-:sp2:*:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_vista:*:*:x64:*:*:*:*:*
  • Range: <= SP2
  • Range: Gold, SP2

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.