HTTP Stack Remote Code Execution Vulnerability (CVE-2022-21907) Alert

janeiro 28, 2022

Overview On January 12, NSFOCUS CERT detected that Microsoft released a monthly security update, which fixed an HTTP protocol stack remote code execution vulnerability (CVE-2022-21907). A buffer overflow can occur due to a boundary error in the HTTP Trailer Support feature in the HTTP stack (HTTP.sys). An unauthenticated attacker can execute arbitrary code on a […]


Inscreva-se no Blog da NSFOCUS