Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2011-1872 — Infinite Loop in Microsoft Windows Server 2008

CWE-3993 documents3 sources

Severity

4.7MEDIUMNVD

EPSS

2.8%

top 13.77%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

Microsoft Windows Server 2008

Timeline

PublishedJun 16

Latest updateMay 13

Description

Hyper-V in Microsoft Windows Server 2008 Gold, SP2, R2, and R2 SP1 allows guest OS users to cause a denial of service (host OS infinite loop) via malformed machine instructions in a VMBus packet, aka "VMBus Persistent DoS Vulnerability."

CVSS vector

AV:L/AC:M/C:N/I:N/A:CExploitability: 3.4 | Impact: 6.9

Affected Packages1 packages

▶NVDmicrosoft/windowsr2

🔴Vulnerability Details

GHSA

GHSA-w37q-mj57-9rm2: Hyper-V in Microsoft Windows Server 2008 Gold, SP2, R2, and R2 SP1 allows guest OS users to cause a denial of service (host OS infinite loop) via malf↗2022-05-13

▶

💥Exploits & PoCs

Exploit-DB

Microsoft HyperV - Persistent Denial of Service (MS11-047)↗2011-06-14

▶