PRIOn knowledge basePRION:CVE-2007-1215

HistoryApr 04, 2007 - 4:19 p.m.

Buffer overflow

2007-04-0416:19:00

PRIOn knowledge base

www.prio-n.com

6.9 Medium

AI Score

Confidence

Low

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

8.4%

JSON

Buffer overflow in the Graphics Device Interface (GDI) in Microsoft Windows 2000 SP4; XP SP2; Server 2003 Gold, SP1, and SP2; and Vista allows local users to gain privileges via certain “color-related parameters” in crafted images.

CPENameOperatorVersion
windows_2003_servereqsp2 x64
windows_2003_servereqsp1 itanium
windows_2003_servereqgold x64
windows_2003_servereq1.0.0-sp
windows_2003_servereqsp2 itanium
windows_2003_servereq2.0.0-sp

Name	Operator	Version
windows_2003_server	eq	sp2 x64
windows_2003_server	eq	sp1 itanium
windows_2003_server	eq	gold x64
windows_2003_server	eq	1.0.0-sp
windows_2003_server	eq	sp2 itanium
windows_2003_server	eq	2.0.0-sp

References

www.securityfocus.com/archive/1/466186/100/200/threaded

www.securityfocus.com/bid/23273

www.securitytracker.com/id?1017847

www.vupen.com/english/advisories/2007/1215

docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-017

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1927

6.9 Medium

AI Score

Confidence

Low

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

8.4%

JSON

Related for PRION:CVE-2007-1215