// For flags

CVE-2007-1765

Microsoft Windows Explorer - '.ANI' File Denial of Service

Severity Score

9.3
*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

11
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Unspecified vulnerability in Microsoft Windows 2000 SP4 through Vista allows remote attackers to execute arbitrary code or cause a denial of service (persistent reboot) via a malformed ANI file, which results in memory corruption when processing cursors, animated cursors, and icons, a similar issue to CVE-2005-0416, as originally demonstrated using Internet Explorer 6 and 7. NOTE: this issue might be a duplicate of CVE-2007-0038; if so, then use CVE-2007-0038 instead of this identifier.

Una vulnerabilidad no especificada en Microsoft Windows 2000 SP4 hasta Windows Vista permite a los atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (reinicio persistente) por medio de un archivo ANI malformado, lo que resulta en una corrupción de memoria durante el procesamiento de cursores, cursores animados e iconos, un problema similar al CVE-2005-0416, como se demostró originalmente usando Internet Explorer versiones 6 y 7. NOTA: este problema podría ser un duplicado del CVE-2007-0038; si es así, utilizar el CVE-2007-0038 en lugar de este identificador.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Medium
Authentication
None
Confidentiality
Complete
Integrity
Complete
Availability
Complete
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2007-03-29 CVE Reserved
  • 2007-03-30 CVE Published
  • 2007-03-31 First Exploit
  • 2024-08-07 CVE Updated
  • 2024-10-09 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
CWE
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Microsoft
Search vendor "Microsoft"
Windows 2000
Search vendor "Microsoft" for product "Windows 2000"
*advanced_server
Affected
Microsoft
Search vendor "Microsoft"
Windows 2000
Search vendor "Microsoft" for product "Windows 2000"
*datacenter_server
Affected
Microsoft
Search vendor "Microsoft"
Windows 2000
Search vendor "Microsoft" for product "Windows 2000"
*professional
Affected
Microsoft
Search vendor "Microsoft"
Windows 2000
Search vendor "Microsoft" for product "Windows 2000"
*ja, server
Affected
Microsoft
Search vendor "Microsoft"
Windows 2000
Search vendor "Microsoft" for product "Windows 2000"
*sp1, advanced_server
Affected
Microsoft
Search vendor "Microsoft"
Windows 2000
Search vendor "Microsoft" for product "Windows 2000"
*sp1, datacenter_server
Affected
Microsoft
Search vendor "Microsoft"
Windows 2000
Search vendor "Microsoft" for product "Windows 2000"
*sp1, professional
Affected
Microsoft
Search vendor "Microsoft"
Windows 2000
Search vendor "Microsoft" for product "Windows 2000"
*sp1, server
Affected
Microsoft
Search vendor "Microsoft"
Windows 2000
Search vendor "Microsoft" for product "Windows 2000"
*sp2, advanced_server
Affected
Microsoft
Search vendor "Microsoft"
Windows 2000
Search vendor "Microsoft" for product "Windows 2000"
*sp2, datacenter_server
Affected
Microsoft
Search vendor "Microsoft"
Windows 2000
Search vendor "Microsoft" for product "Windows 2000"
*sp2, server
Affected
Microsoft
Search vendor "Microsoft"
Windows 2000
Search vendor "Microsoft" for product "Windows 2000"
*sp3, advanced_server
Affected
Microsoft
Search vendor "Microsoft"
Windows 2000
Search vendor "Microsoft" for product "Windows 2000"
*sp3, datacenter_server
Affected
Microsoft
Search vendor "Microsoft"
Windows 2000
Search vendor "Microsoft" for product "Windows 2000"
*sp3, professional
Affected
Microsoft
Search vendor "Microsoft"
Windows 2000
Search vendor "Microsoft" for product "Windows 2000"
*sp3, server
Affected
Microsoft
Search vendor "Microsoft"
Windows 2000
Search vendor "Microsoft" for product "Windows 2000"
*sp4, advanced_server
Affected
Microsoft
Search vendor "Microsoft"
Windows 2000
Search vendor "Microsoft" for product "Windows 2000"
*sp4, datacenter_server
Affected
Microsoft
Search vendor "Microsoft"
Windows 2000
Search vendor "Microsoft" for product "Windows 2000"
*sp4, professional
Affected
Microsoft
Search vendor "Microsoft"
Windows 2000
Search vendor "Microsoft" for product "Windows 2000"
*sp4, server
Affected
Microsoft
Search vendor "Microsoft"
Windows 2000
Search vendor "Microsoft" for product "Windows 2000"
-sp2, professional
Affected
Microsoft
Search vendor "Microsoft"
Windows 2003 Server
Search vendor "Microsoft" for product "Windows 2003 Server"
-datacenter
Affected
Microsoft
Search vendor "Microsoft"
Windows 2003 Server
Search vendor "Microsoft" for product "Windows 2003 Server"
-enterprise
Affected
Microsoft
Search vendor "Microsoft"
Windows 2003 Server
Search vendor "Microsoft" for product "Windows 2003 Server"
-standard
Affected
Microsoft
Search vendor "Microsoft"
Windows 2003 Server
Search vendor "Microsoft" for product "Windows 2003 Server"
-web_edition
Affected
Microsoft
Search vendor "Microsoft"
Windows Vista
Search vendor "Microsoft" for product "Windows Vista"
*x86
Affected
Microsoft
Search vendor "Microsoft"
Windows Vista
Search vendor "Microsoft" for product "Windows Vista"
*business
Affected
Microsoft
Search vendor "Microsoft"
Windows Vista
Search vendor "Microsoft" for product "Windows Vista"
*december_ctp
Affected
Microsoft
Search vendor "Microsoft"
Windows Vista
Search vendor "Microsoft" for product "Windows Vista"
*enterprise
Affected
Microsoft
Search vendor "Microsoft"
Windows Vista
Search vendor "Microsoft" for product "Windows Vista"
*home_basic
Affected
Microsoft
Search vendor "Microsoft"
Windows Vista
Search vendor "Microsoft" for product "Windows Vista"
*home_premium
Affected
Microsoft
Search vendor "Microsoft"
Windows Vista
Search vendor "Microsoft" for product "Windows Vista"
*beta
Affected
Microsoft
Search vendor "Microsoft"
Windows Vista
Search vendor "Microsoft" for product "Windows Vista"
*beta1
Affected
Microsoft
Search vendor "Microsoft"
Windows Vista
Search vendor "Microsoft" for product "Windows Vista"
*beta2
Affected
Microsoft
Search vendor "Microsoft"
Windows Xp
Search vendor "Microsoft" for product "Windows Xp"
*sp2, home
Affected
Microsoft
Search vendor "Microsoft"
Windows Xp
Search vendor "Microsoft" for product "Windows Xp"
*sp2, media_center
Affected
Microsoft
Search vendor "Microsoft"
Windows Xp
Search vendor "Microsoft" for product "Windows Xp"
*sp2, professional
Affected
Microsoft
Search vendor "Microsoft"
Windows Xp
Search vendor "Microsoft" for product "Windows Xp"
*sp2, tablet_pc
Affected
Avaya
Search vendor "Avaya"
Ip600 Media Servers
Search vendor "Avaya" for product "Ip600 Media Servers"
*-
Affected
Microsoft
Search vendor "Microsoft"
Ie
Search vendor "Microsoft" for product "Ie"
7.0
Search vendor "Microsoft" for product "Ie" and version "7.0"
vista
Affected
Microsoft
Search vendor "Microsoft"
Internet Explorer
Search vendor "Microsoft" for product "Internet Explorer"
<= 6
Search vendor "Microsoft" for product "Internet Explorer" and version " <= 6"
-
Affected
Avaya
Search vendor "Avaya"
Definity One Media Server
Search vendor "Avaya" for product "Definity One Media Server"
*-
Affected
Avaya
Search vendor "Avaya"
S3400
Search vendor "Avaya" for product "S3400"
*-
Affected
Avaya
Search vendor "Avaya"
S8100
Search vendor "Avaya" for product "S8100"
*-
Affected