CVE-2011-0654

Exp

Integer underflow in the BowserWriteErrorLogEntry function in the Common Internet File System (CIFS) browser service in Mrxsmb.sys or bowser.sys in Active Directory in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote attackers to execute arbitrary code or cause a denial of service (system crash) via a malformed BROWSER ELECTION message, leading to a heap-based buffer overflow, aka "Browser Pool Corruption Vulnerability." NOTE: some of these details are obtained from third party information.

Published: 2011-02-16 Last update: 2026-04-29 Assigner: [email protected] Source: [email protected]

NVD Status：Modified，CVE State: published

View at NVD, CVE.org, EUVD

Threat Intelligence & Risk Assessment for CVE-2011-0654

EPSS CVSS CWE Exploit-DB Affected

Conclusion & alert: CVE-2011-0654 is rated High Exploit Risk (87.2/100): CVSS Critical severity, with high exploitation likelihood (EPSS 78.08%, 99th percentile). Core evidence: 3 public exploit reference(s) are indexed (Exploit-DB). Mandatory action: Public exploits are available—assess exposure, apply mitigations, and prioritize patching.

Risk is dynamic; we continuously reassess and refresh what is shown on this page as upstream context changes.

Public exploit references (Exploit-DB) for CVE-2011-0654

EDB-ID	Source	Kind	Published	Link
16166	exploit_db	edb	2011-02-14	Exploit-DB ↗
—	nvd_ref	exploit_tag		Exploit-DB ↗
—	nvd_ref	exploit_tag		Exploit-DB ↗

Exploit prediction scoring system (EPSS) score for CVE-2011-0654

EPSS lead: Daily EPSS estimates relative likelihood of exploitation; percentile ranks this CVE among scored vulnerabilities (higher = more severe relative rank).

#	Date	Old EPSS score	New EPSS score	Delta (New - Old)
1	2026-02-28	80.54%	78.08%	-2.47%
2	2026-02-27	78.71%	80.54%	+1.84%
3	2026-02-14	—	78.71%	—

Full EPSS history (28 records total)

Common vulnerability scoring system (CVSS) metrics for CVE-2011-0654

CVSS metrics for this CVE.

Base score	Version	Severity	Vector	Exploitability	Impact	Score source
10.0	2.0	HIGH	`AV:N/AC:L/Au:N/C:C/I:C/A:C` Click to expand Access vector (AV:N) Can be exploited remotely over network reachability. Access complexity (AC:L) Exploitation conditions are straightforward and predictable. Authentication (AU:N) No authentication is required. Confidentiality impact (C:C) Complete confidentiality impact. Integrity impact (I:C) Complete integrity impact. Availability impact (A:C) Complete availability impact.	10.0	10.0	[email protected]

Weakness enumeration for CVE-2011-0654

CWE-119 MITRE ↗

Affected software / configurations for CVE-2011-0654

Vendor	Product	Version	Raw CPE
microsoft	windows_2003_server	—	cpe:2.3:o:microsoft:windows_2003_server::::::::
microsoft	windows_2003_server	—	cpe:2.3:o:microsoft:windows_2003_server::r2::::::*
microsoft	windows_2003_server	—	cpe:2.3:o:microsoft:windows_2003_server::r2:x64:::::
microsoft	windows_2003_server	—	cpe:2.3:o:microsoft:windows_2003_server::sp2:itanium:::::
microsoft	windows_server_2003	—	cpe:2.3:o:microsoft:windows_server_2003::::::::
microsoft	windows_server_2003	—	cpe:2.3:o:microsoft:windows_server_2003::sp2::::::*

References for CVE-2011-0654

URL	Tags
http://archives.neohapsis.com/archives/fulldisclosure/2011-02/0284.html
http://blogs.technet.com/b/mmpc/archive/2011/02/16/my-sweet-valentine-the-cifs-browser-protocol-heap-corruption-vulnerability.aspx
http://blogs.technet.com/b/srd/archive/2011/02/16/notes-on-exploitability-of-the-recent-windows-browser-protocol-issue.aspx
http://secunia.com/advisories/43299	Vendor Advisory
http://www.exploit-db.com/exploits/16166	Exploit
http://www.kb.cert.org/vuls/id/323172	US Government Resource
http://www.securityfocus.com/bid/46360	Exploit
http://www.securitytracker.com/id?1025328
http://www.us-cert.gov/cas/techalerts/TA11-102A.html	US Government Resource
http://www.vupen.com/english/advisories/2011/0394	Vendor Advisory
http://www.vupen.com/english/advisories/2011/0938	Vendor Advisory
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-019
https://exchange.xforce.ibmcloud.com/vulnerabilities/65376
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12637

cvelogic Threat Intelligence