Back to KEVs

CVE-2008-3648

nslookup.exe in Microsoft Windows XP SP2 allows user-assisted remote attackers to execute arbitrary code, as demonstrated by an attempted DNS zone...

Basic Information

CVE State
PUBLISHED
Reserved Date
August 12, 2008
Published Date
August 12, 2008
Last Updated
August 07, 2024
Vendor
Microsoft
Product
Windows XP SP2
Description
nslookup.exe in Microsoft Windows XP SP2 allows user-assisted remote attackers to execute arbitrary code, as demonstrated by an attempted DNS zone transfer, and as exploited in the wild in August 2008.
Tags
windows

CVSS Scores

CVSS v2.0

9.3

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Exploit Status

Exploited in the Wild
Yes (2008-08-12 23:00:00 UTC) Source

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/44423 http://www.securitytracker.com/id?1020711 http://packetstormsecurity.org/0808-advisories/Nslookup-Crash.txt http://www.securityfocus.com/bid/30636 http://www.nullcode.com.ar/ncs/crash/nsloo.htm

Known Exploited Vulnerability Information

Source Added Date
CVE 2008-08-12 23:00:00 UTC

Timeline

  • CVE ID Reserved

  • CVE Published to Public

  • Added to KEVIntel