Lucene search

K
cve[email protected]CVE-2007-5145
HistoryOct 01, 2007 - 5:17 a.m.

CVE-2007-5145

2007-10-0105:17:00
CWE-119
web.nvd.nist.gov
16
microsoft windows
xp
dll files
buffer overflows
denial of service
remote attackers
nvd

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

7 High

AI Score

Confidence

High

0.865 High

EPSS

Percentile

98.6%

Multiple buffer overflows in system DLL files in Microsoft Windows XP, as used by Microsoft Windows Explorer (explorer.exe) 6.00.2900.2180, Don Ho Notepad++, unspecified Adobe Macromedia applications, and other programs, allow user-assisted remote attackers to cause a denial of service (application crash) via long strings in the (1) author, (2) title, (3) subject, and (4) comment Properties fields of a file, possibly involving improper handling of extended file attributes by the (a) NtQueryInformationFile, (b) NtQueryDirectoryFile, © NtSetInformationFile, (d) FileAllInformation, (e) FileNameInformation, and other FILE_INFORMATION_CLASS functions in ntdll.dll and the (f) GetFileAttributesExW and (g) GetFileAttributesW functions in kernel32.dll, a related issue to CVE-2007-1347.

Affected configurations

NVD
Node
microsoftwindows_xpMatch-

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

7 High

AI Score

Confidence

High

0.865 High

EPSS

Percentile

98.6%

Related for CVE-2007-5145