Description
Microsoft Windows XP and Vista overwrites ARP table entries included in gratuitous ARP, which allows remote attackers to cause a denial of service (loss of network access) by sending a gratuitous ARP for the address of the Vista host.
Exploits (2)
exploitdb
WORKING POC
VERIFIED
by Kristian Hermansen · pythondoswindows
https://www.exploit-db.com/exploits/3926
exploitdb
WORKING POC
VERIFIED
by Kristian Hermansen · pythondoswindows
https://www.exploit-db.com/exploits/29813
References (6)
Core 6
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://osvdb.org/33664
Third Party Advisory x_refsource_misc
http://www.symantec.com/avcenter/reference/Vista_Network_Attack_Surface_RTM.pdf
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/462793/100/0/threaded
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/464617/100/0/threaded
Third Party Advisory x_refsource_misc
http://www.symantec.com/enterprise/security_response/weblog/2007/04/microsofts_inaccurate_teredo_d.html
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/23266
Scores
EPSS
0.5304
EPSS Percentile
98.0%
Details
CWE
CWE-399
Status
published
Products (2)
microsoft/windows_vista
microsoft/windows_xp
Published
Mar 20, 2007
Tracked Since
Feb 18, 2026