Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2007-1765

Опубликовано: 30 мар. 2007
Источник: nvd
CVSS2: 9.3
EPSS Средний

Описание

Unspecified vulnerability in Microsoft Windows 2000 SP4 through Vista allows remote attackers to execute arbitrary code or cause a denial of service (persistent reboot) via a malformed ANI file, which results in memory corruption when processing cursors, animated cursors, and icons, a similar issue to CVE-2005-0416, as originally demonstrated using Internet Explorer 6 and 7. NOTE: this issue might be a duplicate of CVE-2007-0038; if so, then use CVE-2007-0038 instead of this identifier.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:microsoft:windows_2000:*:*:*:*:advanced_server:*:*:*
cpe:2.3:o:microsoft:windows_2000:*:*:*:*:datacenter_server:*:*:*
cpe:2.3:o:microsoft:windows_2000:*:*:*:*:professional:*:*:*
cpe:2.3:o:microsoft:windows_2000:*:*:*:ja:server:*:*:*
cpe:2.3:o:microsoft:windows_2000:*:sp1:*:*:advanced_server:*:*:*
cpe:2.3:o:microsoft:windows_2000:*:sp1:*:*:datacenter_server:*:*:*
cpe:2.3:o:microsoft:windows_2000:*:sp1:*:*:professional:*:*:*
cpe:2.3:o:microsoft:windows_2000:*:sp1:*:*:server:*:*:*
cpe:2.3:o:microsoft:windows_2000:*:sp2:*:*:advanced_server:*:*:*
cpe:2.3:o:microsoft:windows_2000:*:sp2:*:*:datacenter_server:*:*:*
cpe:2.3:o:microsoft:windows_2000:*:sp2:*:*:server:*:*:*
cpe:2.3:o:microsoft:windows_2000:*:sp3:*:*:advanced_server:*:*:*
cpe:2.3:o:microsoft:windows_2000:*:sp3:*:*:datacenter_server:*:*:*
cpe:2.3:o:microsoft:windows_2000:*:sp3:*:*:professional:*:*:*
cpe:2.3:o:microsoft:windows_2000:*:sp3:*:*:server:*:*:*
cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:advanced_server:*:*:*
cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:datacenter_server:*:*:*
cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:professional:*:*:*
cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:server:*:*:*
cpe:2.3:o:microsoft:windows_2000:-:sp2:*:*:professional:*:*:*
cpe:2.3:o:microsoft:windows_2003_server:-:*:*:*:datacenter:*:*:*
cpe:2.3:o:microsoft:windows_2003_server:-:*:*:*:enterprise:*:*:*
cpe:2.3:o:microsoft:windows_2003_server:-:*:*:*:standard:*:*:*
cpe:2.3:o:microsoft:windows_2003_server:-:*:*:*:web_edition:*:*:*
cpe:2.3:o:microsoft:windows_vista:*:*:*:*:*:*:x86:*
cpe:2.3:o:microsoft:windows_vista:*:*:*:*:business:*:*:*
cpe:2.3:o:microsoft:windows_vista:*:*:*:*:december_ctp:*:*:*
cpe:2.3:o:microsoft:windows_vista:*:*:*:*:enterprise:*:*:*
cpe:2.3:o:microsoft:windows_vista:*:*:*:*:home_basic:*:*:*
cpe:2.3:o:microsoft:windows_vista:*:*:*:*:home_premium:*:*:*
cpe:2.3:o:microsoft:windows_vista:*:beta:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_vista:*:beta1:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_vista:*:beta2:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:home:*:*:*
cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:media_center:*:*:*
cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:professional:*:*:*
cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:tablet_pc:*:*:*
Конфигурация 2

Одно из

cpe:2.3:a:avaya:ip600_media_servers:*:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:ie:7.0:*:vista:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:*:*:*:*:*:*:*:*
Версия до 6 (включая)
cpe:2.3:h:avaya:definity_one_media_server:*:*:*:*:*:*:*:*
cpe:2.3:h:avaya:s3400:*:*:*:*:*:*:*:*
cpe:2.3:h:avaya:s8100:*:*:*:*:*:*:*:*

EPSS

Процентиль: 98%
0.60253
Средний

9.3 Critical

CVSS2

Дефекты

NVD-CWE-noinfo

Связанные уязвимости

github логотип

GHSA-f56g-48jx-gg6q

github
почти 4 года назад

Unspecified vulnerability in Microsoft Windows 2000 SP4 through Vista allows remote attackers to execute arbitrary code or cause a denial of service (persistent reboot) via a malformed ANI file, which results in memory corruption when processing cursors, animated cursors, and icons, a similar issue to CVE-2005-0416, as originally demonstrated using Internet Explorer 6 and 7. NOTE: this issue might be a duplicate of CVE-2007-0038; if so, then use CVE-2007-0038 instead of this identifier.

EPSS

Процентиль: 98%
0.60253
Средний

9.3 Critical

CVSS2

Дефекты

NVD-CWE-noinfo