CVE-2007-1211
Microsoft Windows - GDI Privilege Escalation (MS07-017)
Severity Score
7.1
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
3
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Unspecified kernel GDI functions in Microsoft Windows 2000 SP4; XP SP2; and Server 2003 Gold, SP1, and SP2 allows user-assisted remote attackers to cause a denial of service (possibly persistent restart) via a crafted Windows Metafile (WMF) image that causes an invalid dereference of an offset in a kernel structure, a related issue to CVE-2005-4560.
Funciones GDI no especificadas del kernel en Microsoft Windows 2000 SP4; XP SP2; y Server 2003 Gold, SP1 y SP2, permiten a los atacantes remotos asistidos por el usuario causar una denegación de servicio (reinicio posiblemente persistente) por medio de una imagen de Windows Metafile (WMF) creada que causa una desreferencia no válida de un desplazamiento (offset) en una estructura del kernel, un problema relacionado al CVE-2005-4560.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2007-03-02 CVE Reserved
- 2007-04-04 CVE Published
- 2007-04-08 First Exploit
- 2024-08-07 CVE Updated
- 2024-08-27 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-399: Resource Management Errors
CAPEC
References (11)
| URL | Tag | Source |
|---|---|---|
| http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=499 | Third Party Advisory | |
| http://www.securityfocus.com/bid/23275 | Vdb Entry | |
| http://www.securitytracker.com/id?1017843 | Vdb Entry | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/33258 | Vdb Entry | |
| https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1571 | Signature |
| URL | Date | SRC |
|---|---|---|
| https://www.exploit-db.com/exploits/3688 | 2007-04-08 | |
| https://www.exploit-db.com/exploits/3755 | 2007-04-17 | |
| https://www.exploit-db.com/exploits/3804 | 2007-04-26 |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://www.securityfocus.com/archive/1/466186/100/200/threaded | 2018-10-16 | |
| http://www.vupen.com/english/advisories/2007/1215 | 2018-10-16 | |
| https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-017 | 2018-10-16 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Microsoft Search vendor "Microsoft" | Windows 2000 Search vendor "Microsoft" for product "Windows 2000" | * | sp4 |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Windows 2003 Server Search vendor "Microsoft" for product "Windows 2003 Server" | gold Search vendor "Microsoft" for product "Windows 2003 Server" and version "gold" | - |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Windows 2003 Server Search vendor "Microsoft" for product "Windows 2003 Server" | gold Search vendor "Microsoft" for product "Windows 2003 Server" and version "gold" | itanium |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Windows 2003 Server Search vendor "Microsoft" for product "Windows 2003 Server" | gold Search vendor "Microsoft" for product "Windows 2003 Server" and version "gold" | x64 |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Windows 2003 Server Search vendor "Microsoft" for product "Windows 2003 Server" | sp1 Search vendor "Microsoft" for product "Windows 2003 Server" and version "sp1" | - |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Windows 2003 Server Search vendor "Microsoft" for product "Windows 2003 Server" | sp1 Search vendor "Microsoft" for product "Windows 2003 Server" and version "sp1" | itanium |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Windows 2003 Server Search vendor "Microsoft" for product "Windows 2003 Server" | sp2 Search vendor "Microsoft" for product "Windows 2003 Server" and version "sp2" | - |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Windows 2003 Server Search vendor "Microsoft" for product "Windows 2003 Server" | sp2 Search vendor "Microsoft" for product "Windows 2003 Server" and version "sp2" | itanium |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Windows 2003 Server Search vendor "Microsoft" for product "Windows 2003 Server" | sp2 Search vendor "Microsoft" for product "Windows 2003 Server" and version "sp2" | x64 |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Windows Xp Search vendor "Microsoft" for product "Windows Xp" | * | gold, professional_x64 |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Windows Xp Search vendor "Microsoft" for product "Windows Xp" | * | sp2 |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Windows Xp Search vendor "Microsoft" for product "Windows Xp" | * | sp2, professional_x64 |
Affected
| ||||||