Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2023-35298: HTTP.sys Denial of Service Vulnerability

How could an attacker exploit this vulnerability?

In most situations, an unauthenticated attacker could send a specially crafted packet to a targeted server utilizing the Server Name Indication (SNI) over HTTP Protocol Stack (http.sys) to process packets, causing a denial of service (DOS).

Microsoft Security Response Center
#vulnerability#dos#auth#Windows HTTP.sys#Security Vulnerability

Microsoft Security Response Center: Latest News

CVE-2024-12695: Chromium: CVE-2024-12695 Out of bounds write in V8