CVE listings for Windows SMB vulnerabilities
These could be in any of the SMB drivers and their supporting services.
| Bulletin | Type | CVE | Description |
|---|---|---|---|
| MS02-070 | RCE | CAN-2002-1256 | Flaw in SMB Signing Could Enable Group Policy to be Modified |
| MS03-024 | RCE | CAN-2003-0345 | Buffer overflow in the SMB capability |
| MS05-011 | RCE | CAN-2005-0045 | Trans2 FIND_FIRST2 responses with large file name length fields |
| MS05-027 | RCE | CAN-2005-1206 | Server Message Block Vulnerability |
| MS06-030 | EOP | CVE-2006-2373 | SMB Driver Elevation of Privilege Vulnerability |
| MS06-030 | DOS | CVE-2006-2374 | SMB Invalid Handle Vulnerability |
| MS06-035 | RCE | CVE-2006-1314 | Mailslot Heap Overflow Vulnerability |
| MS06-035 | INFO | CVE-2006-1315 | SMB Information Disclosure Vulnerability |
| MS06-040 | RCE | CVE-2006-3439 | Buffer Overrun in Server Service Vulnerability |
| MS06-063 | DOS | CVE-2006-3942 | Server Service Denial of Service Vulnerability |
| MS08-063 | RCE | CVE-2008-4038 | SMB Buffer Underflow Vulnerability |
| MS08-067 | RCE | CVE-2008-4250 | Server Service Vulnerability overflow during path canonicalization |
| MS08-068 | RCE | CVE-2008-4037 | SMB Credential Reflection Vulnerability SMBRelay |
| MS09-001 | RCE | CVE-2008-4834 | SMB Buffer Overflow Remote Code Execution Vulnerability |
| MS09-001 | RCE | CVE-2008-4835 | SMB Validation Remote Code Execution Vulnerability |
| MS09-001 | DOS | CVE-2008-4835 | SMB Validation Remote Code Execution Vulnerability |
| MS09-050 | DOS | CVE-2009-2526 | SMBv2 Infinite Loop Vulnerability |
| MS09-050 | RCE | CVE-2009-2532 | SMBv2 Command Value Vulnerability |
| MS09-050 | RCE | CVE-2009-3103 | SMBv2 Negotiation Vulnerability |
| MS10-012 | RCE | CVE-2010-0020 | SMB Pathname Overflow Vulnerability |
| MS10-012 | DOS | CVE-2010-0021 | SMB Memory Corruption Vulnerability |
| MS10-012 | DOS | CVE-2010-0022 | SMB Null Pointer Vulnerability |
| MS10-012 | EOP | CVE-2010-0231 | SMB NTLM Authentication Lack of Entropy Vulnerability |
| MS10-054 | RCE/EOP | CVE-2010-2550 | SMB Pool Overflow Vulnerability |
| MS10-054 | DOS | CVE-2010-2551 | SMB Variable Validation Vulnerability |
| MS10-054 | DOS | CVE-2010-2552 | SMB Stack Exhaustion Vulnerability |
| MS11-020 | RCE | CVE-2011-0661 | SMB Transaction Parsing Vulnerability |
| MS15-083 | RCE | CVE-2015-2474 | Server Message Block Memory Corruption Vulnerability |
| MS16-114 | RCE/DOS | CVE-2016-3345 | Windows SMB Authenticated Remote Code Execution Vulnerability |
| MS17-010 | RCE | CVE-2017-0143 | ETERNALROMANCE/ETERNALSYNERGY - WriteAndX and Trans |
| MS17-010 | RCE | CVE-2017-0144 | ETERNALBLUE - Integer overflow SrvOs2FeaListSizeToNt |
| MS17-010 | RCE | CVE-2017-0145 | ??? - Integer overflow SrvOs2GeaListSizeToNt? |
| MS17-010 | RCE | CVE-2017-0146 | ETERNALCHAMPION/ETERNALSYNERGY Trans race condition |
| MS17-010 | INFO | CVE-2017-0147 | ETERNALROMANCE - Info leak SrvPeekNamedPipe |
| MS17-010 | RCE | CVE-2017-0148 | ??? - Pool overflow extended create? |