| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
1 |
CVE-2007-6534 |
20 |
|
DoS |
2007-12-27 |
2018-10-15 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
Multiple unspecified vulnerabilities in Microsoft Office Publisher allow user-assisted remote attackers to cause a denial of service (application crash) via a crafted PUB file, possibly involving wordart. |
|
2 |
CVE-2007-6236 |
189 |
|
DoS |
2007-12-04 |
2017-09-29 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Microsoft Windows Media Player (WMP) allows remote attackers to cause a denial of service (application crash) via a certain AIFF file that triggers a divide-by-zero error, as demonstrated by kr.aiff. |
|
3 |
CVE-2007-5145 |
119 |
|
DoS Overflow |
2007-10-01 |
2018-10-30 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
Multiple buffer overflows in system DLL files in Microsoft Windows XP, as used by Microsoft Windows Explorer (explorer.exe) 6.00.2900.2180, Don Ho Notepad++, unspecified Adobe Macromedia applications, and other programs, allow user-assisted remote attackers to cause a denial of service (application crash) via long strings in the (1) author, (2) title, (3) subject, and (4) comment Properties fields of a file, possibly involving improper handling of extended file attributes by the (a) NtQueryInformationFile, (b) NtQueryDirectoryFile, (c) NtSetInformationFile, (d) FileAllInformation, (e) FileNameInformation, and other FILE_INFORMATION_CLASS functions in ntdll.dll and the (f) GetFileAttributesExW and (g) GetFileAttributesW functions in kernel32.dll, a related issue to CVE-2007-1347. |
|
4 |
CVE-2007-5144 |
119 |
|
DoS Exec Code Overflow |
2007-10-01 |
2008-11-15 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
Buffer overflow in the GDI engine in Windows Live Messenger, as used for Windows MSN Live 8.1, allows user-assisted remote attackers to cause a denial of service (application crash or system crash) and possibly execute arbitrary code by placing a malformed file in a new folder under the Sharing Folders path, and triggering a synchronize operation through the Windows MSN Live online service, possibly related to extended file attributes and possibly related to an incomplete fix for MS07-046, as demonstrated by a (1) .jpg, (2) .gif, (3) .wmf, (4) .doc, or (5) .ico file. |
|
5 |
CVE-2007-5133 |
189 |
|
DoS Overflow |
2007-09-27 |
2021-07-07 |
7.1 |
None |
Remote |
Medium |
Not required |
None |
None |
Complete |
|
Microsoft Windows Explorer (explorer.exe) allows user-assisted remote attackers to cause a denial of service (CPU consumption) via a certain PNG file with a large tEXt chunk that possibly triggers an integer overflow in PNG chunk size handling, as demonstrated by badlycrafted.png. |
|
6 |
CVE-2007-4288 |
|
|
DoS |
2007-08-09 |
2018-10-15 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
Microsoft Windows Media Player 11 (wmplayer.exe) allows user-assisted remote attackers to cause a denial of service (application crash) via a crafted .au file that triggers a divide-by-zero error, as demonstrated by iapetus.au. |
|
7 |
CVE-2007-4247 |
|
|
DoS |
2007-08-08 |
2018-10-15 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
Windows Calendar on Microsoft Windows Vista allows remote attackers to cause a denial of service (NULL dereference and persistent application crash) via a malformed ICS file. |
|
8 |
CVE-2007-4227 |
|
|
DoS |
2007-08-08 |
2021-07-23 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
Microsoft Windows Explorer (explorer.exe) allows user-assisted remote attackers to cause a denial of service via a certain JPG file, as demonstrated by something.jpg. NOTE: this issue might be related to CVE-2007-3958. |
|
9 |
CVE-2007-3724 |
|
|
DoS |
2007-07-12 |
2008-11-15 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
|
The process scheduler in the Microsoft Windows XP kernel does not make use of the process statistics kept by the kernel, performs scheduling based on CPU billing gathered from periodic process sampling ticks, and gives preference to "interactive" processes that perform voluntary sleeps, which allows local users to cause a denial of service (CPU consumption), as described in "Secretly Monopolizing the CPU Without Superuser Privileges." |
|
10 |
CVE-2007-3658 |
|
|
DoS |
2007-07-10 |
2008-11-15 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Unspecified vulnerability in Microsoft Register Server (REGSVR) allows attackers to cause a denial of service via a crafted DLL library. |
|
11 |
CVE-2007-3550 |
94 |
|
DoS |
2007-07-03 |
2021-07-23 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
** DISPUTED ** Microsoft Internet Explorer 6.0 and 7.0 allows remote attackers to fill Zones with arbitrary domains using certain metacharacters such as wildcards via JavaScript, which results in a denial of service (website suppression and resource consumption), aka "Internet Explorer Zone Domain Specification Dos and Page Suppressing". NOTE: this issue has been disputed by a third party, who states that the zone settings cannot be manipulated. |
|
12 |
CVE-2007-3282 |
|
|
DoS Exec Code Overflow |
2007-06-19 |
2017-10-11 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
Buffer overflow in the Microsoft Office MSODataSourceControl ActiveX object allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long argument to the DeleteRecordSourceIfUnused method. |
|
13 |
CVE-2007-3028 |
|
|
DoS |
2007-07-10 |
2019-04-30 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
The LDAP service in Windows Active Directory in Microsoft Windows 2000 Server SP4 does not properly check "the number of convertible attributes", which allows remote attackers to cause a denial of service (service unavailability) via a crafted LDAP request, related to "client sent LDAP request logic," aka "Windows Active Directory Denial of Service Vulnerability". NOTE: this is probably a different issue than CVE-2007-0040. |
|
14 |
CVE-2007-2903 |
|
|
DoS Overflow |
2007-05-30 |
2017-07-29 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Buffer overflow in the HelpPopup method in the Microsoft Office 2000 Controllo UA di Microsoft Office ActiveX control (OUACTRL.OCX) 1.0.1.9 allows remote attackers to cause a denial of service (probably winhlp32.exe crash) via a long first argument. NOTE: it is not clear whether this issue crosses privilege boundaries. |
|
15 |
CVE-2007-2897 |
|
|
DoS Exec Code Bypass +Info |
2007-05-30 |
2017-07-29 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Microsoft Internet Information Services (IIS) 6.0 allows remote attackers to cause a denial of service (server instability or device hang), and possibly obtain sensitive information (device communication traffic); and might allow attackers with physical access to execute arbitrary code after connecting a data stream to a device COM port; via requests for a URI containing a '/' immediately before and after the name of a DOS device, as demonstrated by the /AUX/.aspx URI, which bypasses a blacklist for DOS device requests. |
|
16 |
CVE-2007-2885 |
|
|
DoS |
2007-05-30 |
2008-11-15 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
The NotSafe function in the MSVDTDatabaseDesigner7 ActiveX control in VDT70.DLL in Microsoft Visual Database Tools (MSVDT) Database Designer 7.0 allows remote attackers to cause a denial of service (Internet Explorer 6 crash) via a long argument. |
|
17 |
CVE-2007-2884 |
20 |
|
DoS Exec Code Overflow |
2007-05-30 |
2017-10-11 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
Multiple stack-based buffer overflows in Microsoft Visual Basic 6 allow user-assisted remote attackers to cause a denial of service (CPU consumption) or execute arbitrary code via a Visual Basic Project (vbp) file with a long (1) Description or (2) Company Name (VersionCompanyName) field. |
|
18 |
CVE-2007-2237 |
|
|
DoS |
2007-06-06 |
2018-10-16 |
7.1 |
None |
Remote |
Medium |
Not required |
None |
None |
Complete |
|
Microsoft Windows Graphics Device Interface (GDI+, GdiPlus.dll) allows context-dependent attackers to cause a denial of service (crash) via an ICO file with an InfoHeader containing a Height of zero, which triggers a divide-by-zero error. |
|
19 |
CVE-2007-2228 |
|
|
DoS |
2007-10-09 |
2018-10-16 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
rpcrt4.dll (aka the RPC runtime library) in Microsoft Windows XP SP2, XP Professional x64 Edition, Server 2003 SP1 and SP2, Server 2003 x64 Edition and x64 Edition SP2, and Vista and Vista x64 Edition allows remote attackers to cause a denial of service (RPCSS service stop and system restart) via an RPC request that uses NTLMSSP PACKET authentication with a zero-valued verification trailer signature, which triggers an invalid dereference. NOTE: this also affects Windows 2000 SP4, although the impact is an information leak. |
|
20 |
CVE-2007-2218 |
|
|
DoS Exec Code |
2007-06-12 |
2018-10-16 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
Unspecified vulnerability in the Windows Schannel Security Package for Microsoft Windows 2000 SP4, XP SP2, and Server 2003 SP1 and SP2, allows remote servers to execute arbitrary code or cause a denial of service via crafted digital signatures that are processed during an SSL handshake. |
|
21 |
CVE-2007-2161 |
|
|
DoS |
2007-04-22 |
2022-02-19 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
Microsoft Internet Explorer 7 allows remote attackers to cause a denial of service (browser hang) via JavaScript that matches a regular expression against a long string, as demonstrated using /(.)*/. |
|
22 |
CVE-2007-1946 |
|
|
DoS Exec Code Overflow |
2007-04-11 |
2018-10-16 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Integer overflow in Windows Explorer in Microsoft Windows XP SP1 might allow user-assisted remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large width dimension in a crafted BMP image, as demonstrated by w4intof.bmp. |
|
23 |
CVE-2007-1911 |
|
|
DoS Overflow |
2007-04-10 |
2017-10-11 |
7.1 |
None |
Remote |
Medium |
Not required |
None |
None |
Complete |
|
Multiple unspecified vulnerabilities in Microsoft Word 2007 allow remote attackers to cause a denial of service (CPU consumption) via crafted documents, as demonstrated by (1) file798-1.doc and (2) file613-1.doc, possibly related to a buffer overflow. |
|
24 |
CVE-2007-1910 |
|
|
DoS Exec Code Overflow |
2007-04-10 |
2017-10-19 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
Buffer overflow in wwlib.dll in Microsoft Word 2007 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted document, as demonstrated by file789-1.doc. |
|
25 |
CVE-2007-1765 |
|
|
DoS Exec Code Mem. Corr. |
2007-03-30 |
2021-07-23 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
Unspecified vulnerability in Microsoft Windows 2000 SP4 through Vista allows remote attackers to execute arbitrary code or cause a denial of service (persistent reboot) via a malformed ANI file, which results in memory corruption when processing cursors, animated cursors, and icons, a similar issue to CVE-2005-0416, as originally demonstrated using Internet Explorer 6 and 7. NOTE: this issue might be a duplicate of CVE-2007-0038; if so, then use CVE-2007-0038 instead of this identifier. |
|
26 |
CVE-2007-1763 |
|
|
DoS Overflow |
2007-03-30 |
2017-07-29 |
7.1 |
None |
Remote |
Medium |
Not required |
None |
None |
Complete |
|
The ATI kernel driver (atikmdag.sys) in Microsoft Windows Vista allows user-assisted remote attackers to cause a denial of service (crash) via a crafted JPG image, as demonstrated by a slideshow, possibly due to a buffer overflow. |
|
27 |
CVE-2007-1644 |
|
|
DoS |
2007-03-24 |
2017-10-11 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
The dynamic DNS update mechanism in the DNS Server service on Microsoft Windows does not properly authenticate clients in certain deployments or configurations, which allows remote attackers to change DNS records for a web proxy server and conduct man-in-the-middle (MITM) attacks on web traffic, conduct pharming attacks by poisoning DNS records, and cause a denial of service (erroneous name resolution). |
|
28 |
CVE-2007-1537 |
|
|
DoS |
2007-03-20 |
2018-10-16 |
3.6 |
None |
Local |
Low |
Not required |
None |
Partial |
Partial |
|
\Device\NdisTapi (NDISTAPI.sys) in Microsoft Windows XP SP2 and 2003 SP1 uses weak permissions, which allows local users to write to the device and cause a denial of service, as demonstrated by using an IRQL to acquire a spinlock on paged memory via the NdisTapiDispatch function. |
|
29 |
CVE-2007-1531 |
399 |
|
DoS |
2007-03-20 |
2018-10-16 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Microsoft Windows XP and Vista overwrites ARP table entries included in gratuitous ARP, which allows remote attackers to cause a denial of service (loss of network access) by sending a gratuitous ARP for the address of the Vista host. |
|
30 |
CVE-2007-1530 |
|
|
DoS |
2007-03-20 |
2018-10-16 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
The LLTD Mapper in Microsoft Windows Vista does not properly gather responses to EMIT packets, which allows remote attackers to cause a denial of service (mapping failure) by omitting an ACK response, which triggers an XML syntax error. |
|
31 |
CVE-2007-1492 |
|
|
DoS |
2007-03-16 |
2008-11-13 |
7.1 |
None |
Remote |
Medium |
Not required |
None |
None |
Complete |
|
winmm.dll in Microsoft Windows XP allows user-assisted remote attackers to cause a denial of service (infinite loop) via a large cch argument value to the mmioRead function, as demonstrated by a crafted WAV file. |
|
32 |
CVE-2007-1239 |
|
|
DoS |
2007-03-03 |
2018-10-16 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
Microsoft Excel 2003 does not properly parse .XLS files, which allows remote attackers to cause a denial of service (application crash) via a file with a (1) corrupted XML format or a (2) corrupted XLS format, which triggers a NULL pointer dereference. |
|
33 |
CVE-2007-1238 |
399 |
|
DoS |
2007-03-03 |
2018-10-16 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
Microsoft Office 2003 allows user-assisted remote attackers to cause a denial of service (application crash) by attempting to insert a corrupted WMF file. |
|
34 |
CVE-2007-1211 |
399 |
|
DoS |
2007-04-04 |
2018-10-16 |
7.1 |
None |
Remote |
Medium |
Not required |
None |
None |
Complete |
|
Unspecified kernel GDI functions in Microsoft Windows 2000 SP4; XP SP2; and Server 2003 Gold, SP1, and SP2 allows user-assisted remote attackers to cause a denial of service (possibly persistent restart) via a crafted Windows Metafile (WMF) image that causes an invalid dereference of an offset in a kernel structure, a related issue to CVE-2005-4560. |
|
35 |
CVE-2007-1094 |
|
|
DoS |
2007-02-26 |
2021-12-13 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
Microsoft Internet Explorer 7 allows remote attackers to cause a denial of service (NULL dereference and application crash) via JavaScript onUnload handlers that modify the structure of a document. |
|
36 |
CVE-2007-0878 |
|
|
DoS Overflow |
2007-02-12 |
2018-10-30 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
Unspecified vulnerability in Microsoft Internet Explorer on Windows Mobile 5.0 allows remote attackers to cause a denial of service (loss of browser and other device functionality) via a malformed WML page, related to an "overflow state." NOTE: it is possible that this issue is related to CVE-2007-0685. |
|
37 |
CVE-2007-0870 |
|
|
DoS |
2007-02-11 |
2018-10-16 |
7.6 |
None |
Remote |
High |
Not required |
Complete |
Complete |
Complete |
|
Unspecified vulnerability in Microsoft Word 2000 allows remote attackers to cause a denial of service (crash) via unknown vectors, a different vulnerability than CVE-2006-5994, CVE-2006-6456, CVE-2006-6561, and CVE-2007-0515, a variant of Exploit-MS06-027. |
|
38 |
CVE-2007-0842 |
399 |
|
DoS |
2007-02-13 |
2018-10-16 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
The 64-bit versions of Microsoft Visual C++ 8.0 standard library (MSVCR80.DLL) time functions, including (1) localtime, (2) localtime_s, (3) gmtime, (4) gmtime_s, (5) ctime, (6) ctime_s, (7) wctime, (8) wctime_s, and (9) fstat, trigger an assertion error instead of a NULL pointer or EINVAL when processing a time argument later than Jan 1, 3000, which might allow context-dependent attackers to cause a denial of service (application exit) via large time values. NOTE: it could be argued that this is a design limitation of the functions, and the vulnerability lies with any application that does not validate arguments to these functions. However, this behavior is inconsistent with documentation, which does not list assertions as a possible result of an error condition. |
|
39 |
CVE-2007-0811 |
|
|
DoS |
2007-02-07 |
2017-10-19 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
Microsoft Internet Explorer 6.0 SP1 on Windows 2000, and 6.0 SP2 on Windows XP, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an HTML document containing a certain JavaScript for loop with an empty loop body, possibly involving getElementById. |
|
40 |
CVE-2007-0685 |
|
|
DoS Overflow |
2007-02-03 |
2017-07-29 |
2.6 |
None |
Remote |
High |
Not required |
None |
None |
Partial |
|
Internet Explorer on Windows Mobile 5.0 and Windows Mobile 2003 and 2003SE for Smartphones and PocketPC allows attackers to cause a denial of service (application crash and device instability) via unspecified vectors, possibly related to a buffer overflow. |
|
41 |
CVE-2007-0674 |
|
|
DoS |
2007-02-03 |
2017-07-29 |
7.1 |
None |
Remote |
Medium |
Not required |
None |
None |
Complete |
|
Pictures and Videos on Windows Mobile 5.0 and Windows Mobile 2003 and 2003SE for Smartphones and PocketPC allows user-assisted remote attackers to cause a denial of service (device hang) via a malformed JPEG file. |
|
42 |
CVE-2007-0612 |
|
|
DoS |
2007-01-31 |
2021-07-23 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
Multiple ActiveX controls in Microsoft Windows 2000, XP, 2003, and Vista allows remote attackers to cause a denial of service (Internet Explorer crash) by accessing the bgColor, fgColor, linkColor, alinkColor, vlinkColor, or defaultCharset properties in the (1) giffile, (2) htmlfile, (3) jpegfile, (4) mhtmlfile, (5) ODCfile, (6) pjpegfile, (7) pngfile, (8) xbmfile, (9) xmlfile, (10) xslfile, or (11) wdfile objects in (a) mshtml.dll; or the (12) TriEditDocument.TriEditDocument or (13) TriEditDocument.TriEditDocument.1 objects in (b) triedit.dll, which cause a NULL pointer dereference. |
|
43 |
CVE-2007-0562 |
|
|
DoS |
2007-01-30 |
2017-10-19 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
Windows Explorer (explorer.exe) 6.0.2900.2180 in Microsoft Windows XP SP2 allows user-assisted remote attackers to cause a denial of service (application crash) via a crafted .avi file, which triggers the crash when the user right clicks on the file. |
|
44 |
CVE-2007-0515 |
|
|
DoS Exec Code Mem. Corr. |
2007-01-26 |
2018-10-12 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
Unspecified vulnerability in Microsoft Word allows user-assisted remote attackers to execute arbitrary code on Word 2000, and cause a denial of service on Word 2003, via unknown attack vectors that trigger memory corruption, as exploited by Trojan.Mdropper.W and later by Trojan.Mdropper.X, a different issue than CVE-2006-6456, CVE-2006-5994, and CVE-2006-6561. |
|
45 |
CVE-2007-0356 |
|
|
DoS |
2007-01-19 |
2017-10-19 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
The Common Controls Replacement Project (CCRP) FolderTreeview (FTV) ActiveX control (ccrpftv6.ocx) allows remote attackers to cause a denial of service (Internet Explorer 7 crash) via a long CCRP.RootFolder property value. |
|
46 |
CVE-2007-0221 |
190 |
|
DoS Overflow |
2007-05-08 |
2020-04-09 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
Integer overflow in the IMAP (IMAP4) support in Microsoft Exchange Server 2000 SP3 allows remote attackers to cause a denial of service (service hang) via crafted literals in an IMAP command, aka the "IMAP Literal Processing Vulnerability." |
|
47 |
CVE-2007-0087 |
|
|
DoS |
2007-01-05 |
2018-10-16 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
** DISPUTED ** Microsoft Internet Information Services (IIS), when accessed through a TCP connection with a large window size, allows remote attackers to cause a denial of service (network bandwidth consumption) via a Range header that specifies multiple copies of the same fragment. NOTE: the severity of this issue has been disputed by third parties, who state that the large window size required by the attack is not normally supported or configured by the server, or that a DDoS-style attack would accomplish the same goal. |
|
48 |
CVE-2007-0039 |
476 |
|
DoS |
2007-05-08 |
2020-04-09 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
The Exchange Collaboration Data Objects (EXCDO) functionality in Microsoft Exchange Server 2000 SP3, 2003 SP1 and SP2, and 2007 allows remote attackers to cause a denial of service (crash) via an Internet Calendar (iCal) file containing multiple X-MICROSOFT-CDO-MODPROPS (MODPROPS) properties in which the second MODPROPS is longer than the first, which triggers a NULL pointer dereference and an unhandled exception. |
|
49 |
CVE-2007-0038 |
119 |
|
DoS Exec Code Overflow Mem. Corr. |
2007-03-30 |
2018-10-16 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
Stack-based buffer overflow in the animated cursor code in Microsoft Windows 2000 SP4 through Vista allows remote attackers to execute arbitrary code or cause a denial of service (persistent reboot) via a large length value in the second (or later) anih block of a RIFF .ANI, cur, or .ico file, which results in memory corruption when processing cursors, animated cursors, and icons, a variant of CVE-2005-0416, as originally demonstrated using Internet Explorer 6 and 7. NOTE: this might be a duplicate of CVE-2007-1765; if so, then CVE-2007-0038 should be preferred. |
|
50 |
CVE-2006-7210 |
|
|
DoS |
2007-06-27 |
2017-10-11 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Microsoft Windows 2000, XP, and Server 2003 allows remote attackers to cause a denial of service (cpu consumption) via a PNG image with crafted (1) Width and (2) Height values in the IHDR block. |
