CVE-2007-1765

Unspecified vulnerability in Microsoft Windows 2000 SP4 through Vista allows remote attackers to execute arbitrary code or cause a denial of service (persistent reboot) via a malformed ANI file, which results in memory corruption when processing cursors, animated cursors, and icons, a similar issue to CVE-2005-0416, as originally demonstrated using Internet Explorer 6 and 7. NOTE: this issue might be a duplicate of CVE-2007-0038; if so, then use CVE-2007-0038 instead of this identifier.

CVSS v2.0 9.3

9.3^/10

CVSS v2.0 :

V3 Legend

Vector :

Exploitability : 8.6 / Impact : 10

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

Scope

References

Link	Resource
http://vil.nai.com/vil/content/v_141860.htm	Broken Link
http://www.avertlabs.com/research/blog/?p=230	Third Party Advisory
http://www.avertlabs.com/research/blog/?p=233	Third Party Advisory
http://www.microsoft.com/technet/security/advisory/935423.mspx	Vendor Advisory
http://www.securityfocus.com/bid/23194	Third Party Advisory VDB Entry
http://www.securitytracker.com/id?1017827	Third Party Advisory VDB Entry
http://asert.arbornetworks.com/2007/03/any-ani-file-could-infect-you/	Broken Link
http://research.eeye.com/html/alerts/zeroday/20070328.html	Third Party Advisory
http://www.vupen.com/english/advisories/2007/1151	Third Party Advisory
http://www.securityfocus.com/archive/1/464345/100/0/threaded
http://www.securityfocus.com/archive/1/464287/100/0/threaded

Configurations

Configuration 1

cpe:2.3:o:microsoft:windows_vista:*:beta:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_vista:*:beta2:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_vista:*:beta1:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_2000:*:*:*:*:advanced_server:*:*:*

cpe:2.3:o:microsoft:windows_2000:*:*:*:*:datacenter_server:*:*:*

cpe:2.3:o:microsoft:windows_2000:*:*:*:*:professional:*:*:*

cpe:2.3:o:microsoft:windows_2000:*:*:*:ja:server:*:*:*

cpe:2.3:o:microsoft:windows_2000:*:sp1:*:*:advanced_server:*:*:*

cpe:2.3:o:microsoft:windows_2000:*:sp1:*:*:datacenter_server:*:*:*

cpe:2.3:o:microsoft:windows_2000:*:sp1:*:*:professional:*:*:*

cpe:2.3:o:microsoft:windows_2000:*:sp1:*:*:server:*:*:*

cpe:2.3:o:microsoft:windows_2000:*:sp2:*:*:advanced_server:*:*:*

cpe:2.3:o:microsoft:windows_2000:*:sp2:*:*:datacenter_server:*:*:*

cpe:2.3:o:microsoft:windows_2000:*:sp2:*:*:server:*:*:*

cpe:2.3:o:microsoft:windows_2000:*:sp3:*:*:advanced_server:*:*:*

cpe:2.3:o:microsoft:windows_2000:*:sp3:*:*:datacenter_server:*:*:*

cpe:2.3:o:microsoft:windows_2000:*:sp3:*:*:professional:*:*:*

cpe:2.3:o:microsoft:windows_2000:*:sp3:*:*:server:*:*:*

cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:advanced_server:*:*:*

cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:datacenter_server:*:*:*

cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:professional:*:*:*

cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:server:*:*:*

cpe:2.3:o:microsoft:windows_vista:*:*:*:*:business:*:*:*

cpe:2.3:o:microsoft:windows_vista:*:*:*:*:december_ctp:*:*:*

cpe:2.3:o:microsoft:windows_vista:*:*:*:*:enterprise:*:*:*

cpe:2.3:o:microsoft:windows_vista:*:*:*:*:home_basic:*:*:*

cpe:2.3:o:microsoft:windows_vista:*:*:*:*:home_premium:*:*:*

cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:home:*:*:*

cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:media_center:*:*:*

cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:professional:*:*:*

cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:tablet_pc:*:*:*

cpe:2.3:o:microsoft:windows_2003_server:-:*:*:*:datacenter:*:*:*

cpe:2.3:o:microsoft:windows_2003_server:-:*:*:*:enterprise:*:*:*

cpe:2.3:o:microsoft:windows_2003_server:-:*:*:*:web_edition:*:*:*

cpe:2.3:o:microsoft:windows_2003_server:-:*:*:*:standard:*:*:*

cpe:2.3:o:microsoft:windows_vista:*:*:*:*:*:*:x86:*

cpe:2.3:o:microsoft:windows_2000:-:sp2:*:*:professional:*:*:*

cpe:2.3:h:avaya:definity_one_media_server:*:*:*:*:*:*:*:*

cpe:2.3:h:avaya:s8100:*:*:*:*:*:*:*:*

cpe:2.3:a:avaya:ip600_media_servers:*:*:*:*:*:*:*:*

cpe:2.3:a:microsoft:ie:7.0:*:vista:*:*:*:*:*

cpe:2.3:h:avaya:s3400:*:*:*:*:*:*:*:*

cpe:2.3:a:microsoft:internet_explorer:*:*:*:*:*:*:*:*

History

24 Jan 2023, 16:19

Type	Values Removed	Values Added
CPE		cpe:2.3:a:predictapp_project:predictapp::::::::
References	~~(MISC) https://github.com/abhilash1985/PredictApp/commit/b067372f3ee26fe1b657121f0f41883ff4461a06 -~~	(MISC) https://github.com/abhilash1985/PredictApp/commit/b067372f3ee26fe1b657121f0f41883ff4461a06 - Patch, Third Party Advisory
References	~~(MISC) https://github.com/abhilash1985/PredictApp/pull/73 -~~	(MISC) https://github.com/abhilash1985/PredictApp/pull/73 - Patch, Third Party Advisory
References	~~(MISC) https://vuldb.com/?id.218387 -~~	(MISC) https://vuldb.com/?id.218387 - Third Party Advisory
References	~~(MISC) https://vuldb.com/?ctiid.218387 -~~	(MISC) https://vuldb.com/?ctiid.218387 - Third Party Advisory
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 9.8
First Time		Predictapp Project predictapp Predictapp Project

16 Jan 2023, 13:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2007-03-30 12:19

Updated : 2021-07-23 12:16

NVD link : CVE-2007-1765

Mitre link : CVE-2007-1765

Products Affected

No products.

CWE

NVD-CWE-noinfo