virus logo FortiClient Vulnerability

Microsoft Windows CVE-2016-0150 Request Smuggling Vulnerability

description-logoDescription

A denial of service vulnerability exists in the HTTP 2.0 protocol stack (HTTP.sys) when HTTP.sys improperly parses specially crafted HTTP 2.0 requests. An attacker who successfully exploited the vulnerability could create a denial of service condition, causing the target system to become unresponsive. To exploit this vulnerability, an attacker could send a specially crafted HTTP packet to a target system, causing the affected system to become nonresponsive. The update addresses the vulnerability by modifying how the Windows HTTP protocol stack handles HTTP 2.0 requests. Note that the denial of service vulnerability would not allow an attacker to execute code or to elevate user rights.

affected-products-logoAffected Applications

Windows 10

CVE References

CVE-2016-0150

Other References

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2016-0150
ID 51648
Created Sep 25, 2018
Description
Updated		 Dec 19, 2023
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon
Coverage FortiClient
OS Windows
Vendor Microsoft
Patch auto
Application Windows 10