Lucene search

K
nvd[email protected]NVD:CVE-2007-1204
HistoryApr 10, 2007 - 9:19 p.m.

CVE-2007-1204

2007-04-1021:19:00
CWE-119
web.nvd.nist.gov
8

CVSS2

6.8

Attack Vector

ADJACENT_NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:A/AC:H/Au:N/C:C/I:C/A:C

AI Score

7.9

Confidence

Low

EPSS

0.903

Percentile

98.9%

Stack-based buffer overflow in the Universal Plug and Play (UPnP) service in Microsoft Windows XP SP2 allows remote attackers on the same subnet to execute arbitrary code via crafted HTTP headers in request or notification messages, which trigger memory corruption.

Affected configurations

Nvd
Node
microsoftwindows_xpsp2
VendorProductVersionCPE
microsoftwindows_xp*cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*

CVSS2

6.8

Attack Vector

ADJACENT_NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:A/AC:H/Au:N/C:C/I:C/A:C

AI Score

7.9

Confidence

Low

EPSS

0.903

Percentile

98.9%