CVE-2001-0162

WinCE 3.0.9348 generates predictable TCP Initial Sequence Numbers (ISNs), which allows remote attackers to spoof or hijack TCP connections.

CVSS v2.0 : HIGH

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 10.0 / Impact : 6.4

References

Link	Resource
http://www.cs.jhu.edu/~seny/pubs/wince802.pdf	Exploit Vendor Advisory
http://www.cs.jhu.edu/~seny/pubs/wince802.pdf	Exploit Vendor Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:o:microsoft:windows_embedded_compact:3.0.9348:*:*:*:*:*:*:*

History

20 Nov 2024, 23:34

Type	Values Removed	Values Added
References	~~() http://www.cs.jhu.edu/~seny/pubs/wince802.pdf - Exploit, Vendor Advisory~~	() http://www.cs.jhu.edu/~seny/pubs/wince802.pdf - Exploit, Vendor Advisory

15 Dec 2023, 19:06

Type	Values Removed	Values Added
First Time		Microsoft windows Embedded Compact
CPE	cpe:2.3:o:microsoft:windows_ce:3.0.9348:::::::*	cpe:2.3:o:microsoft:windows_embedded_compact:3.0.9348:::::::*

Information

Published : 2001-01-01 05:00

Updated : 2025-04-03 01:03

NVD link : CVE-2001-0162

Mitre link : CVE-2001-0162

CVE.ORG link : CVE-2001-0162

JSON object : View

Products Affected

microsoft

CWE

NVD-CWE-Other