A vulnerability exists in the SMB client of Microsoft Windows 7 and Windows Server 2008 R2. This vulnerability allows an attacker to trigger a kernel stack overflow by sending a specific “SMB_COM_TRANSACTION2” response. Attacking the SMB client can be achieved by convincing a user to connect to a malicious SMB server. Alternatively, the attacker could attempt man-in-the-middle attacks (such as ARP spoofing, NBNS packet spoofing, etc.) to redirect legitimate SMB connections to a malicious SMB server. Successful exploitation of this issue may result in remote code execution with kernel privileges.
You can download this advisory from the following link: https://packetstormsecurity.com/files/download/88435/SS-2010-004.txt
Source: https://packetstormsecurity.com/files/88435/Microsoft-SMB-Client-Kernel-Stack-Overflow.html