CVE-2010-0024
Summary
| CVE | CVE-2010-0024 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2010-04-14 16:00:00 UTC |
| Updated | 2020-04-09 13:22:00 UTC |
| Description | The SMTP component in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, and Server 2008 Gold, SP2, and R2, and Exchange Server 2003 SP2, does not properly parse MX records, which allows remote DNS servers to cause a denial of service (service outage) via a crafted response to a DNS MX record query, aka "SMTP Server MX Record Vulnerability." |
Risk And Classification
Problem Types: CWE-20
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Microsoft | Exchange Server | 2000 | sp3 | All | All |
| Application | Microsoft | Exchange Server | 2003 | sp2 | All | All |
| Application | Microsoft | Exchange Server | 2007 | sp1 | All | All |
| Application | Microsoft | Exchange Server | 2007 | sp2 | All | All |
| Application | Microsoft | Exchange Server | 2010 | - | All | All |
| Application | Microsoft | Exchange Server | 2000 | sp3 | All | All |
| Application | Microsoft | Exchange Server | 2003 | sp2 | All | All |
| Application | Microsoft | Exchange Server | 2007 | sp1 | All | All |
| Application | Microsoft | Exchange Server | 2007 | sp2 | All | All |
| Application | Microsoft | Exchange Server | 2010 | - | All | All |
| Operating System | Microsoft | Windows 2000 | - | sp4 | All | All |
| Operating System | Microsoft | Windows 2000 | - | sp4 | All | All |
| Operating System | Microsoft | Windows 2003 Server | - | sp2 | All | All |
| Operating System | Microsoft | Windows 2003 Server | - | sp2 | All | All |
| Operating System | Microsoft | Windows Server 2003 | - | sp2 | All | All |
| Operating System | Microsoft | Windows Server 2003 | - | sp2 | All | All |
| Operating System | Microsoft | Windows Server 2008 | - | All | All | All |
| Operating System | Microsoft | Windows Server 2008 | - | r2 | All | All |
| Operating System | Microsoft | Windows Server 2008 | - | sp2 | All | All |
| Operating System | Microsoft | Windows Server 2008 | - | sp2 | All | All |
| Operating System | Microsoft | Windows Server 2008 | - | sp2 | All | All |
| Operating System | Microsoft | Windows Server 2008 | - | All | All | All |
| Operating System | Microsoft | Windows Server 2008 | - | r2 | All | All |
| Operating System | Microsoft | Windows Server 2008 | - | sp2 | All | All |
| Operating System | Microsoft | Windows Server 2008 | - | sp2 | All | All |
| Operating System | Microsoft | Windows Server 2008 | - | sp2 | All | All |
| Operating System | Microsoft | Windows Xp | - | sp2 | All | All |
| Operating System | Microsoft | Windows Xp | - | sp2 | All | All |
| Operating System | Microsoft | Windows Xp | - | sp3 | All | All |
| Operating System | Microsoft | Windows Xp | - | sp2 | All | All |
| Operating System | Microsoft | Windows Xp | - | sp2 | All | All |
| Operating System | Microsoft | Windows Xp | - | sp3 | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Microsoft Security Bulletin MS10-024 - Important | Microsoft Docs | MS | docs.microsoft.com | Patch, Vendor Advisory |
| US-CERT Technical Cyber Security Alert TA10-103A -- Microsoft Updates for Multiple Vulnerabilities | CERT | www.us-cert.gov | Third Party Advisory, US Government Resource |
| Repository / Oval Repository | OVAL | oval.cisecurity.org | Third Party Advisory |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.