CVE-2010-3960

Published: Dec 16, 2010Modified: Apr 29, 2026

4.9

Vector

AV:L/AC:L/Au:N/C:N/I:N/A:C

Exploitability: 3.9 / Impact: 6.9

Source: NVD

Description

Hyper-V in Microsoft Windows Server 2008 Gold, SP2, and R2 allows guest OS users to cause a denial of service (host OS hang) by sending a crafted encapsulated packet over the VMBus, aka "Hyper-V VMBus Vulnerability."

Affected (3)

Products: Microsoft: Windows Server 2008

Microsoft

1 product

Windows Server 2008

Configuration A

3 vulnerable

Vulnerable Software	Affected Versions
Microsoft Windows Server 2008	All versions
Microsoft Windows Server 2008	All versions
Microsoft Windows Server 2008	Version r2

Related CWEs

CWE-20

Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References (16)

http://osvdb.org/69818

Source: secure@microsoft.com

http://secunia.com/advisories/42617

Source: secure@microsoft.com

Vendor Advisory

http://www.securityfocus.com/bid/45293

Source: secure@microsoft.com

http://www.securitytracker.com/id?1024884

Source: secure@microsoft.com

http://www.us-cert.gov/cas/techalerts/TA10-348A.html

Source: secure@microsoft.com

US Government Resource

http://www.vupen.com/english/advisories/2010/3224

Source: secure@microsoft.com

Vendor Advisory

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-102

Source: secure@microsoft.com

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12359

Source: secure@microsoft.com

http://osvdb.org/69818