CVE-2012-1194

medium

Published 2012-02-17 · Modified 2026-04-29

CVSS v3

—

CVSS v2

6.4

VIR risk

6.4

Description

The resolver in the DNS Server service in Microsoft Windows Server 2008 before R2 overwrites cached server names and TTL values in NS records during the processing of a response to an A record query, which allows remote attackers to trigger continued resolvability of revoked domain names via a "ghost domain names" attack.

Predictions

Exploit likelihood

20%

Patch ETA

—

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

No vendor mitigations ingested yet for this CVE. The mitigation-content worker queues fetches as references arrive — check back in a few minutes, or see the references list below.

OS impact

OS	Version	Status	Fixed in
windows		affected
windows	-	affected

References

https://www.isc.org/files/imce/ghostdomain_camera.pdf
https://www.isc.org/files/imce/ghostdomain_camera.pdf

Verify integrity in audit chain (admin only). AS-IS.