CVE-1999-0909

CWE-2643 documents3 sources

Severity

7.5HIGH

EPSS

4.3%

top 11.15%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Microsoft Windows 95 Microsoft Windows NT

Timeline

PublishedSep 20

Latest updateApr 30

Description

Multihomed Windows systems allow a remote attacker to bypass IP source routing restrictions via a malformed packet with IP options, aka the "Spoofed Route Pointer" vulnerability.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages2 packages

▶NVDmicrosoft/windows_950a, 0b+1

▶NVDmicrosoft/windows_nt4.0

🔴Vulnerability Details

GHSA

GHSA-wrg2-pxvh-4rg2: Multihomed Windows systems allow a remote attacker to bypass IP source routing restrictions via a malformed packet with IP options, aka the "Spoofed R↗2022-04-30

▶

CVEList

CVE-1999-0909: Multihomed Windows systems allow a remote attacker to bypass IP source routing restrictions via a malformed packet with IP options, aka the "Spoofed R↗2000-01-04

▶