CVE-2010-4562

Published: Feb 2, 2012Modified: Apr 29, 2026

4.3

Vector

AV:N/AC:M/Au:N/C:P/I:N/A:N

Exploitability: 8.6 / Impact: 2.9

Source: NVD

Description

Microsoft Windows 2008, 7, Vista, 2003, 2000, and XP, when using IPv6, allows remote attackers to determine whether a host is sniffing the network by sending an ICMPv6 Echo Request to a multicast address and determining whether an Echo Reply is sent, as demonstrated by thcping. NOTE: due to a typo, some sources map CVE-2010-4562 to a ProFTPd mod_sql vulnerability, but that issue is covered by CVE-2010-4652.

Affected (6)

Products: Microsoft: Windows 2000, Windows 2003 Server, Windows 7, Windows Server 2008, Windows Vista, Windows Xp

6 products

Configuration A

6 vulnerable

Vulnerable Software	Affected Versions
Microsoft Windows 2000	All versions
Microsoft Windows 2003 Server	All versions
Microsoft Windows 7	All versions
Microsoft Windows Server 2008	All versions
Microsoft Windows Vista	All versions
Microsoft Windows Xp	All versions

Related CWEs

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References (4)

http://seclists.org/dailydave/2011/q2/25

Source: cve@mitre.org

http://seclists.org/fulldisclosure/2011/Apr/254

Source: cve@mitre.org

http://seclists.org/dailydave/2011/q2/25

Source: af854a3a-2127-422b-91ae-364da2661108

http://seclists.org/fulldisclosure/2011/Apr/254

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.