Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CERTA-2007-AVI-156
Vulnerability from certfr_avis
Plusieurs vulnérabilités ont été identifiées dans des composants graphiques de Microsoft Windows. Certaines sont largement exploitées actuellement, et ont fait l'objet des alertes CERTA-2007-ALE-002 et CERTA-2007-ALE-008. L'exploitation de ces dernières peut entraîner une élévation locale de privilèges, voire un déni de service ou l'exécution de code arbitraire à distance.
Description
Plusieurs vulnérabilités ont été identifiées dans des composants graphiques de Microsoft Windows. Parmi celles-ci :
- Windows ne manipulerait pas correctement les fichiers de formats de curseurs et d'icônes (reconnaissables par l'extension .ani). Cette vulnérabilité, largement exploitée, a fait l'objet de l'alerte CERTA-2007-ALE-008.
- L'ensemble de fonctions GDI (pour Graphical Device Interface) servant au traitement de fichiers graphiques, et plus précisément, son moteur de rendu Windows Graphics Rendering Engine, ne manipulerait pas correctement certains fichiers graphiques de type WMF (Windows Metafile Format) et EMF (Enhanced Metafile Format).
- GDI ne manipulerait pas correctement certaines tailles de fenêtres d'affichage. Cette vulnérabilité peut être exploitée par le biais d'une application malveillante, permettant ainsi une élévation de privilèges.
- GDI ne contrôlerait pas correctement certains paramètres liés à la coloration, ce qui pourrait provoquer un débordement de mémoire.
- Certaines polices de caractères ne seraient pas correctement interprétées par True Type Font Rasterizer, permettant à un utilisateur local de prendre le contrôle complet du système vulnérable.
Solution
Se référer au bulletin de sécurité MS07-017 de Microsoft pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Microsoft | Windows | Microsoft Windows XP Professional x64 Edition (SP2 inclus) ; | ||
| Microsoft | Windows | Microsoft Windows XP Service Pack 2 ; | ||
| Microsoft | Windows | Microsoft Windows Server 2003 (SP1 et SP2 inclus, ainsi que les versions pour les systèmes Itanium) ; | ||
| Microsoft | Windows | Microsoft Vista ; | ||
| Microsoft | Windows | Microsoft Windows Server 2003 x64 Edition (SP2 inclus) ; | ||
| Microsoft | Windows | Microsoft Vista x64 Edition. | ||
| Microsoft | Windows | Microsoft Windows 2000 Service Pack 4 ; |
References
| Title | Publication Time | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Microsoft Windows XP Professional x64 Edition (SP2 inclus) ;",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Microsoft Windows XP Service Pack 2 ;",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Microsoft Windows Server 2003 (SP1 et SP2 inclus, ainsi que les versions pour les syst\u00e8mes Itanium) ;",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Microsoft Vista ;",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Microsoft Windows Server 2003 x64 Edition (SP2 inclus) ;",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Microsoft Vista x64 Edition.",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "Microsoft Windows 2000 Service Pack 4 ;",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Description\n\nPlusieurs vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 identifi\u00e9es dans des composants\ngraphiques de Microsoft Windows. Parmi celles-ci :\n\n- Windows ne manipulerait pas correctement les fichiers de formats de\n curseurs et d\u0027ic\u00f4nes (reconnaissables par l\u0027extension .ani). Cette\n vuln\u00e9rabilit\u00e9, largement exploit\u00e9e, a fait l\u0027objet de l\u0027alerte\n CERTA-2007-ALE-008.\n- L\u0027ensemble de fonctions GDI (pour Graphical Device Interface)\n servant au traitement de fichiers graphiques, et plus pr\u00e9cis\u00e9ment,\n son moteur de rendu Windows Graphics Rendering Engine, ne\n manipulerait pas correctement certains fichiers graphiques de type\n WMF (Windows Metafile Format) et EMF (Enhanced Metafile Format).\n- GDI ne manipulerait pas correctement certaines tailles de fen\u00eatres\n d\u0027affichage. Cette vuln\u00e9rabilit\u00e9 peut \u00eatre exploit\u00e9e par le biais\n d\u0027une application malveillante, permettant ainsi une \u00e9l\u00e9vation de\n privil\u00e8ges.\n- GDI ne contr\u00f4lerait pas correctement certains param\u00e8tres li\u00e9s \u00e0 la\n coloration, ce qui pourrait provoquer un d\u00e9bordement de m\u00e9moire.\n- Certaines polices de caract\u00e8res ne seraient pas correctement\n interpr\u00e9t\u00e9es par True Type Font Rasterizer, permettant \u00e0 un\n utilisateur local de prendre le contr\u00f4le complet du syst\u00e8me\n vuln\u00e9rable.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 MS07-017 de Microsoft pour\nl\u0027obtention des correctifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2006-5758",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-5758"
},
{
"name": "CVE-2007-1211",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-1211"
},
{
"name": "CVE-2006-5586",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-5586"
},
{
"name": "CVE-2007-0038",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-0038"
},
{
"name": "CVE-2007-1215",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-1215"
},
{
"name": "CVE-2007-1212",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-1212"
},
{
"name": "CVE-2007-1213",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-1213"
}
],
"initial_release_date": "2007-04-03T00:00:00",
"last_revision_date": "2007-04-03T00:00:00",
"links": [
{
"title": "Alerte CERTA-2007-ALE-002 du 12 janvier 2007 :",
"url": "http://www.certa.ssi.gouv.fr/site/CERTA-2007-ALE-002/"
},
{
"title": "Alerte CERTA-2007-ALE-008 du 29 mars 2007 :",
"url": "http://www.certa.ssi.gouv.fr/site/CERTA-2007-ALE-008/"
}
],
"reference": "CERTA-2007-AVI-156",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2007-04-03T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "Plusieurs vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 identifi\u00e9es dans des composants\ngraphiques de Microsoft Windows. Certaines sont largement exploit\u00e9es\nactuellement, et ont fait l\u0027objet des alertes CERTA-2007-ALE-002 et\nCERTA-2007-ALE-008. L\u0027exploitation de ces derni\u00e8res peut entra\u00eener une\n\u00e9l\u00e9vation locale de privil\u00e8ges, voire un d\u00e9ni de service ou l\u0027ex\u00e9cution\nde code arbitraire \u00e0 distance.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans des composants graphiques de Microsoft Windows",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft MS07-017 du 03 avril 2007",
"url": "http://www.microsoft.com/technet/security/Bulletin/MS07-017.mspx"
}
]
}
CVE-2007-1211 (GCVE-0-2007-1211)
Vulnerability from cvelistv5
Published
2007-04-04 16:00
Modified
2024-08-07 12:50
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Unspecified kernel GDI functions in Microsoft Windows 2000 SP4; XP SP2; and Server 2003 Gold, SP1, and SP2 allows user-assisted remote attackers to cause a denial of service (possibly persistent restart) via a crafted Windows Metafile (WMF) image that causes an invalid dereference of an offset in a kernel structure, a related issue to CVE-2005-4560.
References
| URL | Tags | ||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:50:34.521Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2007-1215",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/1215"
},
{
"name": "oval:org.mitre.oval:def:1571",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1571"
},
{
"name": "1017843",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1017843"
},
{
"name": "23275",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/23275"
},
{
"name": "HPSBST02206",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/466186/100/200/threaded"
},
{
"name": "win-wmf-dos(33258)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33258"
},
{
"name": "20070403 Microsoft Windows WMF Triggerable Kernel Design Error DoS Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE",
"x_transferred"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=499"
},
{
"name": "MS07-017",
"tags": [
"vendor-advisory",
"x_refsource_MS",
"x_transferred"
],
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-017"
},
{
"name": "SSRT071354",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/466186/100/200/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-04-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified kernel GDI functions in Microsoft Windows 2000 SP4; XP SP2; and Server 2003 Gold, SP1, and SP2 allows user-assisted remote attackers to cause a denial of service (possibly persistent restart) via a crafted Windows Metafile (WMF) image that causes an invalid dereference of an offset in a kernel structure, a related issue to CVE-2005-4560."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-16T14:57:01",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "ADV-2007-1215",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/1215"
},
{
"name": "oval:org.mitre.oval:def:1571",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1571"
},
{
"name": "1017843",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1017843"
},
{
"name": "23275",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/23275"
},
{
"name": "HPSBST02206",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://www.securityfocus.com/archive/1/466186/100/200/threaded"
},
{
"name": "win-wmf-dos(33258)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33258"
},
{
"name": "20070403 Microsoft Windows WMF Triggerable Kernel Design Error DoS Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=499"
},
{
"name": "MS07-017",
"tags": [
"vendor-advisory",
"x_refsource_MS"
],
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-017"
},
{
"name": "SSRT071354",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://www.securityfocus.com/archive/1/466186/100/200/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2007-1211",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified kernel GDI functions in Microsoft Windows 2000 SP4; XP SP2; and Server 2003 Gold, SP1, and SP2 allows user-assisted remote attackers to cause a denial of service (possibly persistent restart) via a crafted Windows Metafile (WMF) image that causes an invalid dereference of an offset in a kernel structure, a related issue to CVE-2005-4560."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2007-1215",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1215"
},
{
"name": "oval:org.mitre.oval:def:1571",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1571"
},
{
"name": "1017843",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1017843"
},
{
"name": "23275",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23275"
},
{
"name": "HPSBST02206",
"refsource": "HP",
"url": "http://www.securityfocus.com/archive/1/466186/100/200/threaded"
},
{
"name": "win-wmf-dos(33258)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33258"
},
{
"name": "20070403 Microsoft Windows WMF Triggerable Kernel Design Error DoS Vulnerability",
"refsource": "IDEFENSE",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=499"
},
{
"name": "MS07-017",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-017"
},
{
"name": "SSRT071354",
"refsource": "HP",
"url": "http://www.securityfocus.com/archive/1/466186/100/200/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2007-1211",
"datePublished": "2007-04-04T16:00:00",
"dateReserved": "2007-03-02T00:00:00",
"dateUpdated": "2024-08-07T12:50:34.521Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-0038 (GCVE-0-2007-0038)
Vulnerability from cvelistv5
Published
2007-03-30 20:00
Modified
2024-08-07 12:03
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Stack-based buffer overflow in the animated cursor code in Microsoft Windows 2000 SP4 through Vista allows remote attackers to execute arbitrary code or cause a denial of service (persistent reboot) via a large length value in the second (or later) anih block of a RIFF .ANI, cur, or .ico file, which results in memory corruption when processing cursors, animated cursors, and icons, a variant of CVE-2005-0416, as originally demonstrated using Internet Explorer 6 and 7. NOTE: this might be a duplicate of CVE-2007-1765; if so, then CVE-2007-0038 should be preferred.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:03:36.879Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "TA07-093A",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA07-093A.html"
},
{
"name": "ADV-2007-1215",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/1215"
},
{
"name": "2542",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/2542"
},
{
"name": "20070330 0-day ANI vulnerability in Microsoft Windows (CVE-2007-0038)",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2007-03/0470.html"
},
{
"name": "oval:org.mitre.oval:def:1854",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1854"
},
{
"name": "20070331 RE: [Full-disclosure] 0-day ANI vulnerability in Microsoft Windows(CVE-2007-0038)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/464342/100/0/threaded"
},
{
"name": "VU#191609",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/191609"
},
{
"name": "HPSBST02206",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/466186/100/200/threaded"
},
{
"name": "24659",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24659"
},
{
"name": "TA07-089A",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA07-089A.html"
},
{
"name": "win-ani-code-execution(33301)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33301"
},
{
"name": "20070402 MS announces out-of-band patch for ANI 0day",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/464460/100/100/threaded"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.determina.com/security_center/security_advisories/securityadvisory_0day_032907.asp"
},
{
"name": "MS07-017",
"tags": [
"vendor-advisory",
"x_refsource_MS",
"x_transferred"
],
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-017"
},
{
"name": "TA07-100A",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA07-100A.html"
},
{
"name": "33629",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/33629"
},
{
"name": "20070402 More information on ZERT patch for ANI 0day",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/464459/100/100/threaded"
},
{
"name": "SSRT071354",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/466186/100/200/threaded"
},
{
"name": "20070330 0-day ANI vulnerability in Microsoft Windows (CVE-2007-0038)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/464269/100/0/threaded"
},
{
"name": "20070331 Re: 0-day ANI vulnerability in Microsoft Windows (CVE-2007-0038)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/464340/100/0/threaded"
},
{
"name": "20070330 Re: 0-day ANI vulnerability in Microsoft Windows (CVE-2007-0038)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/464339/100/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-03-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in the animated cursor code in Microsoft Windows 2000 SP4 through Vista allows remote attackers to execute arbitrary code or cause a denial of service (persistent reboot) via a large length value in the second (or later) anih block of a RIFF .ANI, cur, or .ico file, which results in memory corruption when processing cursors, animated cursors, and icons, a variant of CVE-2005-0416, as originally demonstrated using Internet Explorer 6 and 7. NOTE: this might be a duplicate of CVE-2007-1765; if so, then CVE-2007-0038 should be preferred."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-16T14:57:01",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "TA07-093A",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA07-093A.html"
},
{
"name": "ADV-2007-1215",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/1215"
},
{
"name": "2542",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/2542"
},
{
"name": "20070330 0-day ANI vulnerability in Microsoft Windows (CVE-2007-0038)",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2007-03/0470.html"
},
{
"name": "oval:org.mitre.oval:def:1854",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1854"
},
{
"name": "20070331 RE: [Full-disclosure] 0-day ANI vulnerability in Microsoft Windows(CVE-2007-0038)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/464342/100/0/threaded"
},
{
"name": "VU#191609",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/191609"
},
{
"name": "HPSBST02206",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://www.securityfocus.com/archive/1/466186/100/200/threaded"
},
{
"name": "24659",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24659"
},
{
"name": "TA07-089A",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA07-089A.html"
},
{
"name": "win-ani-code-execution(33301)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33301"
},
{
"name": "20070402 MS announces out-of-band patch for ANI 0day",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/464460/100/100/threaded"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.determina.com/security_center/security_advisories/securityadvisory_0day_032907.asp"
},
{
"name": "MS07-017",
"tags": [
"vendor-advisory",
"x_refsource_MS"
],
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-017"
},
{
"name": "TA07-100A",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA07-100A.html"
},
{
"name": "33629",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/33629"
},
{
"name": "20070402 More information on ZERT patch for ANI 0day",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/464459/100/100/threaded"
},
{
"name": "SSRT071354",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://www.securityfocus.com/archive/1/466186/100/200/threaded"
},
{
"name": "20070330 0-day ANI vulnerability in Microsoft Windows (CVE-2007-0038)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/464269/100/0/threaded"
},
{
"name": "20070331 Re: 0-day ANI vulnerability in Microsoft Windows (CVE-2007-0038)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/464340/100/0/threaded"
},
{
"name": "20070330 Re: 0-day ANI vulnerability in Microsoft Windows (CVE-2007-0038)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/464339/100/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2007-0038",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in the animated cursor code in Microsoft Windows 2000 SP4 through Vista allows remote attackers to execute arbitrary code or cause a denial of service (persistent reboot) via a large length value in the second (or later) anih block of a RIFF .ANI, cur, or .ico file, which results in memory corruption when processing cursors, animated cursors, and icons, a variant of CVE-2005-0416, as originally demonstrated using Internet Explorer 6 and 7. NOTE: this might be a duplicate of CVE-2007-1765; if so, then CVE-2007-0038 should be preferred."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "TA07-093A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA07-093A.html"
},
{
"name": "ADV-2007-1215",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1215"
},
{
"name": "2542",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2542"
},
{
"name": "20070330 0-day ANI vulnerability in Microsoft Windows (CVE-2007-0038)",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2007-03/0470.html"
},
{
"name": "oval:org.mitre.oval:def:1854",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1854"
},
{
"name": "20070331 RE: [Full-disclosure] 0-day ANI vulnerability in Microsoft Windows(CVE-2007-0038)",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/464342/100/0/threaded"
},
{
"name": "VU#191609",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/191609"
},
{
"name": "HPSBST02206",
"refsource": "HP",
"url": "http://www.securityfocus.com/archive/1/466186/100/200/threaded"
},
{
"name": "24659",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24659"
},
{
"name": "TA07-089A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA07-089A.html"
},
{
"name": "win-ani-code-execution(33301)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33301"
},
{
"name": "20070402 MS announces out-of-band patch for ANI 0day",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/464460/100/100/threaded"
},
{
"name": "http://www.determina.com/security_center/security_advisories/securityadvisory_0day_032907.asp",
"refsource": "MISC",
"url": "http://www.determina.com/security_center/security_advisories/securityadvisory_0day_032907.asp"
},
{
"name": "MS07-017",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-017"
},
{
"name": "TA07-100A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA07-100A.html"
},
{
"name": "33629",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/33629"
},
{
"name": "20070402 More information on ZERT patch for ANI 0day",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/464459/100/100/threaded"
},
{
"name": "SSRT071354",
"refsource": "HP",
"url": "http://www.securityfocus.com/archive/1/466186/100/200/threaded"
},
{
"name": "20070330 0-day ANI vulnerability in Microsoft Windows (CVE-2007-0038)",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/464269/100/0/threaded"
},
{
"name": "20070331 Re: 0-day ANI vulnerability in Microsoft Windows (CVE-2007-0038)",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/464340/100/0/threaded"
},
{
"name": "20070330 Re: 0-day ANI vulnerability in Microsoft Windows (CVE-2007-0038)",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/464339/100/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2007-0038",
"datePublished": "2007-03-30T20:00:00",
"dateReserved": "2007-01-03T00:00:00",
"dateUpdated": "2024-08-07T12:03:36.879Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-1213 (GCVE-0-2007-1213)
Vulnerability from cvelistv5
Published
2007-04-04 16:00
Modified
2024-08-07 12:50
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The TrueType Fonts rasterizer in Microsoft Windows 2000 SP4 allows local users to gain privileges via crafted TrueType fonts, which result in an uninitialized function pointer.
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:50:34.681Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2007-1215",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/1215"
},
{
"name": "23276",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/23276"
},
{
"name": "HPSBST02206",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/466186/100/200/threaded"
},
{
"name": "MS07-017",
"tags": [
"vendor-advisory",
"x_refsource_MS",
"x_transferred"
],
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-017"
},
{
"name": "1017845",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1017845"
},
{
"name": "SSRT071354",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/466186/100/200/threaded"
},
{
"name": "oval:org.mitre.oval:def:1797",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1797"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-04-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The TrueType Fonts rasterizer in Microsoft Windows 2000 SP4 allows local users to gain privileges via crafted TrueType fonts, which result in an uninitialized function pointer."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-16T14:57:01",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "ADV-2007-1215",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/1215"
},
{
"name": "23276",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/23276"
},
{
"name": "HPSBST02206",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://www.securityfocus.com/archive/1/466186/100/200/threaded"
},
{
"name": "MS07-017",
"tags": [
"vendor-advisory",
"x_refsource_MS"
],
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-017"
},
{
"name": "1017845",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1017845"
},
{
"name": "SSRT071354",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://www.securityfocus.com/archive/1/466186/100/200/threaded"
},
{
"name": "oval:org.mitre.oval:def:1797",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1797"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2007-1213",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The TrueType Fonts rasterizer in Microsoft Windows 2000 SP4 allows local users to gain privileges via crafted TrueType fonts, which result in an uninitialized function pointer."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2007-1215",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1215"
},
{
"name": "23276",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23276"
},
{
"name": "HPSBST02206",
"refsource": "HP",
"url": "http://www.securityfocus.com/archive/1/466186/100/200/threaded"
},
{
"name": "MS07-017",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-017"
},
{
"name": "1017845",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1017845"
},
{
"name": "SSRT071354",
"refsource": "HP",
"url": "http://www.securityfocus.com/archive/1/466186/100/200/threaded"
},
{
"name": "oval:org.mitre.oval:def:1797",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1797"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2007-1213",
"datePublished": "2007-04-04T16:00:00",
"dateReserved": "2007-03-02T00:00:00",
"dateUpdated": "2024-08-07T12:50:34.681Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-5586 (GCVE-0-2006-5586)
Vulnerability from cvelistv5
Published
2007-04-04 16:00
Modified
2024-08-07 19:55
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The Graphics Rendering Engine in Microsoft Windows 2000 SP4 and XP SP2 allows local users to gain privileges via "invalid application window sizes" in layered application windows, aka the "GDI Invalid Window Size Elevation of Privilege Vulnerability."
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T19:55:53.476Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2007-1215",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/1215"
},
{
"name": "HPSBST02206",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/466186/100/200/threaded"
},
{
"name": "oval:org.mitre.oval:def:1385",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1385"
},
{
"name": "MS07-017",
"tags": [
"vendor-advisory",
"x_refsource_MS",
"x_transferred"
],
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-017"
},
{
"name": "23277",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/23277"
},
{
"name": "1017846",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1017846"
},
{
"name": "SSRT071354",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/466186/100/200/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-04-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Graphics Rendering Engine in Microsoft Windows 2000 SP4 and XP SP2 allows local users to gain privileges via \"invalid application window sizes\" in layered application windows, aka the \"GDI Invalid Window Size Elevation of Privilege Vulnerability.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-17T20:57:01",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "ADV-2007-1215",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/1215"
},
{
"name": "HPSBST02206",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://www.securityfocus.com/archive/1/466186/100/200/threaded"
},
{
"name": "oval:org.mitre.oval:def:1385",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1385"
},
{
"name": "MS07-017",
"tags": [
"vendor-advisory",
"x_refsource_MS"
],
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-017"
},
{
"name": "23277",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/23277"
},
{
"name": "1017846",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1017846"
},
{
"name": "SSRT071354",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://www.securityfocus.com/archive/1/466186/100/200/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2006-5586",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Graphics Rendering Engine in Microsoft Windows 2000 SP4 and XP SP2 allows local users to gain privileges via \"invalid application window sizes\" in layered application windows, aka the \"GDI Invalid Window Size Elevation of Privilege Vulnerability.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2007-1215",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1215"
},
{
"name": "HPSBST02206",
"refsource": "HP",
"url": "http://www.securityfocus.com/archive/1/466186/100/200/threaded"
},
{
"name": "oval:org.mitre.oval:def:1385",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1385"
},
{
"name": "MS07-017",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-017"
},
{
"name": "23277",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23277"
},
{
"name": "1017846",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1017846"
},
{
"name": "SSRT071354",
"refsource": "HP",
"url": "http://www.securityfocus.com/archive/1/466186/100/200/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2006-5586",
"datePublished": "2007-04-04T16:00:00",
"dateReserved": "2006-10-27T00:00:00",
"dateUpdated": "2024-08-07T19:55:53.476Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-1215 (GCVE-0-2007-1215)
Vulnerability from cvelistv5
Published
2007-04-04 16:00
Modified
2024-08-07 12:50
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Buffer overflow in the Graphics Device Interface (GDI) in Microsoft Windows 2000 SP4; XP SP2; Server 2003 Gold, SP1, and SP2; and Vista allows local users to gain privileges via certain "color-related parameters" in crafted images.
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:50:34.789Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2007-1215",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/1215"
},
{
"name": "1017847",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1017847"
},
{
"name": "oval:org.mitre.oval:def:1927",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1927"
},
{
"name": "HPSBST02206",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/466186/100/200/threaded"
},
{
"name": "MS07-017",
"tags": [
"vendor-advisory",
"x_refsource_MS",
"x_transferred"
],
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-017"
},
{
"name": "23273",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/23273"
},
{
"name": "SSRT071354",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/466186/100/200/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-04-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the Graphics Device Interface (GDI) in Microsoft Windows 2000 SP4; XP SP2; Server 2003 Gold, SP1, and SP2; and Vista allows local users to gain privileges via certain \"color-related parameters\" in crafted images."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-16T14:57:01",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "ADV-2007-1215",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/1215"
},
{
"name": "1017847",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1017847"
},
{
"name": "oval:org.mitre.oval:def:1927",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1927"
},
{
"name": "HPSBST02206",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://www.securityfocus.com/archive/1/466186/100/200/threaded"
},
{
"name": "MS07-017",
"tags": [
"vendor-advisory",
"x_refsource_MS"
],
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-017"
},
{
"name": "23273",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/23273"
},
{
"name": "SSRT071354",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://www.securityfocus.com/archive/1/466186/100/200/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2007-1215",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the Graphics Device Interface (GDI) in Microsoft Windows 2000 SP4; XP SP2; Server 2003 Gold, SP1, and SP2; and Vista allows local users to gain privileges via certain \"color-related parameters\" in crafted images."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2007-1215",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1215"
},
{
"name": "1017847",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1017847"
},
{
"name": "oval:org.mitre.oval:def:1927",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1927"
},
{
"name": "HPSBST02206",
"refsource": "HP",
"url": "http://www.securityfocus.com/archive/1/466186/100/200/threaded"
},
{
"name": "MS07-017",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-017"
},
{
"name": "23273",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23273"
},
{
"name": "SSRT071354",
"refsource": "HP",
"url": "http://www.securityfocus.com/archive/1/466186/100/200/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2007-1215",
"datePublished": "2007-04-04T16:00:00",
"dateReserved": "2007-03-02T00:00:00",
"dateUpdated": "2024-08-07T12:50:34.789Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-5758 (GCVE-0-2006-5758)
Vulnerability from cvelistv5
Published
2006-11-06 20:00
Modified
2024-08-07 20:04
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The Graphics Rendering Engine in Microsoft Windows 2000 through 2000 SP4 and Windows XP through SP2 maps GDI Kernel structures on a global shared memory section that is mapped with read-only permissions, but can be remapped by other processes as read-write, which allows local users to cause a denial of service (memory corruption and crash) and gain privileges by modifying the kernel structures.
References
| URL | Tags | ||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T20:04:55.433Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2007-1215",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/1215"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://kernelwars.blogspot.com/2007/01/alive.html"
},
{
"name": "oval:org.mitre.oval:def:2056",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2056"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.blackhat.com/html/bh-europe-07/bh-eu-07-speakers.html#Eriksson"
},
{
"name": "ADV-2006-4358",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/4358"
},
{
"name": "windows-gdi-kernel-privilege-escalation(30042)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30042"
},
{
"name": "HPSBST02206",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/466186/100/200/threaded"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://projects.info-pull.com/mokb/MOKB-06-11-2006.html"
},
{
"name": "1017168",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1017168"
},
{
"name": "20940",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/20940"
},
{
"name": "MS07-017",
"tags": [
"vendor-advisory",
"x_refsource_MS",
"x_transferred"
],
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-017"
},
{
"name": "22668",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/22668"
},
{
"name": "SSRT071354",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/466186/100/200/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-11-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Graphics Rendering Engine in Microsoft Windows 2000 through 2000 SP4 and Windows XP through SP2 maps GDI Kernel structures on a global shared memory section that is mapped with read-only permissions, but can be remapped by other processes as read-write, which allows local users to cause a denial of service (memory corruption and crash) and gain privileges by modifying the kernel structures."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-17T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2007-1215",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/1215"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://kernelwars.blogspot.com/2007/01/alive.html"
},
{
"name": "oval:org.mitre.oval:def:2056",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2056"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.blackhat.com/html/bh-europe-07/bh-eu-07-speakers.html#Eriksson"
},
{
"name": "ADV-2006-4358",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/4358"
},
{
"name": "windows-gdi-kernel-privilege-escalation(30042)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30042"
},
{
"name": "HPSBST02206",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://www.securityfocus.com/archive/1/466186/100/200/threaded"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://projects.info-pull.com/mokb/MOKB-06-11-2006.html"
},
{
"name": "1017168",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1017168"
},
{
"name": "20940",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/20940"
},
{
"name": "MS07-017",
"tags": [
"vendor-advisory",
"x_refsource_MS"
],
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-017"
},
{
"name": "22668",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/22668"
},
{
"name": "SSRT071354",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://www.securityfocus.com/archive/1/466186/100/200/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-5758",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Graphics Rendering Engine in Microsoft Windows 2000 through 2000 SP4 and Windows XP through SP2 maps GDI Kernel structures on a global shared memory section that is mapped with read-only permissions, but can be remapped by other processes as read-write, which allows local users to cause a denial of service (memory corruption and crash) and gain privileges by modifying the kernel structures."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2007-1215",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1215"
},
{
"name": "http://kernelwars.blogspot.com/2007/01/alive.html",
"refsource": "MISC",
"url": "http://kernelwars.blogspot.com/2007/01/alive.html"
},
{
"name": "oval:org.mitre.oval:def:2056",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2056"
},
{
"name": "http://www.blackhat.com/html/bh-europe-07/bh-eu-07-speakers.html#Eriksson",
"refsource": "MISC",
"url": "http://www.blackhat.com/html/bh-europe-07/bh-eu-07-speakers.html#Eriksson"
},
{
"name": "ADV-2006-4358",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/4358"
},
{
"name": "windows-gdi-kernel-privilege-escalation(30042)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30042"
},
{
"name": "HPSBST02206",
"refsource": "HP",
"url": "http://www.securityfocus.com/archive/1/466186/100/200/threaded"
},
{
"name": "http://projects.info-pull.com/mokb/MOKB-06-11-2006.html",
"refsource": "MISC",
"url": "http://projects.info-pull.com/mokb/MOKB-06-11-2006.html"
},
{
"name": "1017168",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017168"
},
{
"name": "20940",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/20940"
},
{
"name": "MS07-017",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-017"
},
{
"name": "22668",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22668"
},
{
"name": "SSRT071354",
"refsource": "HP",
"url": "http://www.securityfocus.com/archive/1/466186/100/200/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-5758",
"datePublished": "2006-11-06T20:00:00",
"dateReserved": "2006-11-06T00:00:00",
"dateUpdated": "2024-08-07T20:04:55.433Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-1212 (GCVE-0-2007-1212)
Vulnerability from cvelistv5
Published
2007-04-04 16:00
Modified
2024-08-07 12:50
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Buffer overflow in the Graphics Device Interface (GDI) in Microsoft Windows 2000 SP4; XP SP2; Server 2003 Gold, SP1, and SP2; and Vista allows local users to gain privileges via a crafted Enhanced Metafile (EMF) image format file.
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:50:34.866Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2007-1215",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/1215"
},
{
"name": "1017844",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1017844"
},
{
"name": "HPSBST02206",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/466186/100/200/threaded"
},
{
"name": "oval:org.mitre.oval:def:1923",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1923"
},
{
"name": "23278",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/23278"
},
{
"name": "MS07-017",
"tags": [
"vendor-advisory",
"x_refsource_MS",
"x_transferred"
],
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-017"
},
{
"name": "SSRT071354",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/466186/100/200/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-04-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the Graphics Device Interface (GDI) in Microsoft Windows 2000 SP4; XP SP2; Server 2003 Gold, SP1, and SP2; and Vista allows local users to gain privileges via a crafted Enhanced Metafile (EMF) image format file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-16T14:57:01",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "ADV-2007-1215",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/1215"
},
{
"name": "1017844",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1017844"
},
{
"name": "HPSBST02206",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://www.securityfocus.com/archive/1/466186/100/200/threaded"
},
{
"name": "oval:org.mitre.oval:def:1923",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1923"
},
{
"name": "23278",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/23278"
},
{
"name": "MS07-017",
"tags": [
"vendor-advisory",
"x_refsource_MS"
],
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-017"
},
{
"name": "SSRT071354",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://www.securityfocus.com/archive/1/466186/100/200/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2007-1212",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the Graphics Device Interface (GDI) in Microsoft Windows 2000 SP4; XP SP2; Server 2003 Gold, SP1, and SP2; and Vista allows local users to gain privileges via a crafted Enhanced Metafile (EMF) image format file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2007-1215",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1215"
},
{
"name": "1017844",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1017844"
},
{
"name": "HPSBST02206",
"refsource": "HP",
"url": "http://www.securityfocus.com/archive/1/466186/100/200/threaded"
},
{
"name": "oval:org.mitre.oval:def:1923",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1923"
},
{
"name": "23278",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23278"
},
{
"name": "MS07-017",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-017"
},
{
"name": "SSRT071354",
"refsource": "HP",
"url": "http://www.securityfocus.com/archive/1/466186/100/200/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2007-1212",
"datePublished": "2007-04-04T16:00:00",
"dateReserved": "2007-03-02T00:00:00",
"dateUpdated": "2024-08-07T12:50:34.866Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…