CVE Vulnerability

CVE-2007-1537

DeviceNdisTapi (NDISTAPI.sys) in Microsoft Windows XP SP2 and 2003 SP1 uses weak permissions, which allows local users to write to the device and cause a denial of service, as demonstrated by using an IRQL to acquire a spinlock on paged memory via the NdisTapiDispatch function.

3.6 /10

CVSS v2.0 :

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 4.9

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact PARTIAL

Scope

References
Link Resource
http://www.reversemode.com/index.php?option=com_remository&Itemid=2&func=fileinfo&id=47
http://www.securityfocus.com/bid/23025
http://secunia.com/advisories/24598
http://www.osvdb.org/33628
http://securityreason.com/securityalert/2471
http://www.vupen.com/english/advisories/2007/1031
https://exchange.xforce.ibmcloud.com/vulnerabilities/33086
http://www.securityfocus.com/archive/1/463208/100/0/threaded
Configurations

Configuration 1

cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_2003_server:sp1:*:*:*:*:*:*:*
Information

Published : 2007-03-20 10:19

Updated : 2018-10-16 04:39

NVD link : CVE-2007-1537

Mitre link : CVE-2007-1537

Products Affected
No products.
CWE
NVD-CWE-Other