FKIE_CVE-2007-5133
Vulnerability from fkie_nvd - Published: 2007-09-27 19:17 - Updated: 2025-04-09 00:30
Severity ?
Summary
Microsoft Windows Explorer (explorer.exe) allows user-assisted remote attackers to cause a denial of service (CPU consumption) via a certain PNG file with a large tEXt chunk that possibly triggers an integer overflow in PNG chunk size handling, as demonstrated by badlycrafted.png.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:*:itanium:*:*:*:*:*",
"matchCriteriaId": "580632FB-7EB8-4DC6-A372-742D4523BF79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:*:std:*:*:*:*:*",
"matchCriteriaId": "9562EC45-0F28-4E4D-AA16-7E34241F26B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:*:wed:*:*:*:*:*",
"matchCriteriaId": "1DA5F012-9457-4562-B50C-2C674008B494",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:*:x64:*:*:*:*:*",
"matchCriteriaId": "CD264C73-360E-414D-BE22-192F92E5A0A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:*:x64-std:*:*:*:*:*",
"matchCriteriaId": "4EF7C885-1142-477C-9AA2-5068EB9EFE82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:*:xp-64bit:*:*:*:*:*",
"matchCriteriaId": "5B5D0781-714B-4BE8-B74A-3A2CBC58F604",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:gold:*:*:*:*:*:*",
"matchCriteriaId": "6F3C557A-71D8-47F9-9E12-CE938F301E66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:gold:itanium:*:*:*:*:*",
"matchCriteriaId": "81C8959A-915B-472F-B043-A57BA11FDB93",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:gold:std:*:*:*:*:*",
"matchCriteriaId": "00C55EE5-2F70-4DC3-937A-BB5F13AC078E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:gold:wed:*:*:*:*:*",
"matchCriteriaId": "918EA750-E48B-438D-9C22-531A153D66B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:gold:x64:*:*:*:*:*",
"matchCriteriaId": "B92137A3-71F9-466B-87CA-F3E9EF53AE4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:gold:x64-std:*:*:*:*:*",
"matchCriteriaId": "115D2DE5-8F40-441C-8783-430668AEE356",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:r2:*:*:*:*:*:*",
"matchCriteriaId": "7A83A9DC-224F-4887-A4AE-9071B081AE37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:r2:std:*:*:*:*:*",
"matchCriteriaId": "E44AD1AD-C4BD-45F0-953A-13209C772205",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:r2:wed:*:*:*:*:*",
"matchCriteriaId": "A52FC62B-4CCD-46C1-B0E1-2328707C28D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:r2:x64:*:*:*:*:*",
"matchCriteriaId": "0A8D49FA-C8F8-4B59-BBCB-924CC105B371",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:r2:x64-std:*:*:*:*:*",
"matchCriteriaId": "701A3529-675F-43B8-89DE-EB571C4CE8B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp1:*:*:*:*:*:*",
"matchCriteriaId": "FE8F4276-4D97-480D-A542-FE9982FFD765",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp1:std:*:*:*:*:*",
"matchCriteriaId": "30A3D604-7DC9-42F3-9DB1-AF32CA4C8BDA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp1:wed:*:*:*:*:*",
"matchCriteriaId": "AAED2910-B2DE-4349-AF56-3AD25A9A6F93",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:*:*:*:*:*:*",
"matchCriteriaId": "2978BF86-5A1A-438E-B81F-F360D0E30C9C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:itanium:*:*:*:*:*",
"matchCriteriaId": "F7EFB032-47F4-4497-B16B-CB9126EAC9DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:std:*:*:*:*:*",
"matchCriteriaId": "BA1482B6-C9A1-497A-8CD7-63F9F7CEAB3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:wed:*:*:*:*:*",
"matchCriteriaId": "73CDA5B6-99B9-475E-A8F7-837A7EB9747E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:x64:*:*:*:*:*",
"matchCriteriaId": "6881476D-81A2-4DFD-AC77-82A8D08A0568",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_2003_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EAA86830-BEA8-4943-83EA-C267FA534223",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:*:*:*:*:*:*:*",
"matchCriteriaId": "31A64C69-D182-4BEC-BA8A-7B405F5B2FC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:-:*:*:*:*:*:*",
"matchCriteriaId": "D826455B-E635-4FB2-9428-81028E10D98F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp1:*:*:*:*:*:*",
"matchCriteriaId": "DA778424-6F70-4AB6-ADD5-5D4664DFE463",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*",
"matchCriteriaId": "4D3B5E4F-56A6-4696-BBB4-19DF3613D020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3852BB02-47A1-40B3-8E32-8D8891A53114",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:business:*:*:*:*:*",
"matchCriteriaId": "BDDE7F1B-768A-4A53-8765-E48DEB0EF3D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:enterprise:*:*:*:*:*",
"matchCriteriaId": "8FF0D88B-821D-4E45-A2EC-5279B9190356",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:home_basic:*:*:*:*:*",
"matchCriteriaId": "1A9CAA2B-947F-47E8-A032-DFA2D1F05B6E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:home_premium:*:*:*:*:*",
"matchCriteriaId": "4C17A747-EF5C-4852-89F7-DE45DDD6EB60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:starter:*:*:*:*:*",
"matchCriteriaId": "A2CB64F9-655C-4D56-B1BE-F9C04E5AA678",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:ultimate:*:*:*:*:*",
"matchCriteriaId": "F0257B7A-A8D1-4AC9-98C8-324B5B810877",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:x64:*:*:*:*:*",
"matchCriteriaId": "1DD1D5ED-FE7C-4ADF-B3AF-1F13E51B4FB5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:x64-business:*:*:*:*:*",
"matchCriteriaId": "FE3A1EF2-B7F1-4006-A4C2-05342703C841",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:x64-home_basic:*:*:*:*:*",
"matchCriteriaId": "CCAD23B6-A2F0-48A6-ADFF-6E0E091DD896",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_vista:*:gold:*:*:*:*:*:*",
"matchCriteriaId": "D34A558F-A656-43EB-AC52-C3710F77CDD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_vista:*:gold:x64:*:*:*:*:*",
"matchCriteriaId": "F9DC56EB-EDC4-4DFE-BA9B-B17FF4A91734",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_vista:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CAEEA81-5037-4B68-98D9-83AAEBC98E20",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_xp:*:*:64bit:*:*:*:*:*",
"matchCriteriaId": "40DCD873-93E3-403A-8446-65F7E1B4FAD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_xp:*:*:embedded:*:*:*:*:*",
"matchCriteriaId": "B95B2BE4-B4E0-4B77-9999-53B9224F5CB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_xp:*:*:ibm_oem:*:*:*:*:*",
"matchCriteriaId": "81A690FA-1808-4E4F-8CBC-75FB5358D439",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_xp:*:*:media_center:*:*:*:*:*",
"matchCriteriaId": "403945FA-8676-4D98-B903-48452B46F48F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_xp:*:*:pro:*:*:*:*:*",
"matchCriteriaId": "19DA594E-B495-4C5D-BC94-79582D3983C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_xp:*:*:tablet_pc:*:*:*:*:*",
"matchCriteriaId": "E4707F3F-F79E-4085-A81B-569204B7B1DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_xp:*:*:x64:*:*:*:*:*",
"matchCriteriaId": "ACF75FC8-095A-4EEA-9A41-C27CFF3953FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_xp:*:gold:*:*:*:*:*:*",
"matchCriteriaId": "580B0C9B-DD85-40FA-9D37-BAC0C96D57FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_xp:*:gold:embedded:*:*:*:*:*",
"matchCriteriaId": "6F874274-760A-4544-BA19-0DB4F051FBB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_xp:*:gold:media_center:*:*:*:*:*",
"matchCriteriaId": "F3D392C5-7158-459B-B8F4-DB8A89442587",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_xp:*:gold:pro:*:*:*:*:*",
"matchCriteriaId": "629092E5-2AE1-4401-BFE6-DFB541A6E781",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_xp:*:gold:tablet_pc:*:*:*:*:*",
"matchCriteriaId": "8A6EDD65-D857-49A4-89FF-8DDF0D016613",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp1:*:*:*:*:*:*",
"matchCriteriaId": "A74985B6-BCA5-49E3-878B-77D7FA43070C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp1:64bit:*:*:*:*:*",
"matchCriteriaId": "FC8D6802-5F57-477E-B439-529081666852",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp1:embedded:*:*:*:*:*",
"matchCriteriaId": "ADEBB882-1C55-4B7B-B4CF-F1B23502FD90",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp1:ibm_oem:*:*:*:*:*",
"matchCriteriaId": "2C387041-0A42-4A18-A28B-49F739BB375B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp1:media_center:*:*:*:*:*",
"matchCriteriaId": "6A05337E-18A5-4939-85A0-69583D9B5AD9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp1:pro:*:*:*:*:*",
"matchCriteriaId": "E78E8FC4-9D64-4ADC-B318-55F4337B7EEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp1:tablet_pc:*:*:*:*:*",
"matchCriteriaId": "B9687E6C-EDE9-42E4-93D0-C4144FEC917A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*",
"matchCriteriaId": "9B339C33-8896-4896-88FF-88E74FDBC543",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:embedded:*:*:*:*:*",
"matchCriteriaId": "B6031BA1-2F87-4556-A205-1E1B7661DFCF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:media_center:*:*:*:*:*",
"matchCriteriaId": "7E439FA5-78BF-41B1-BAEC-C1C94CE86F2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:pro:*:*:*:*:*",
"matchCriteriaId": "261215DA-7018-4CE5-B055-0935DF9089A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:tablet_pc:*:*:*:*:*",
"matchCriteriaId": "FB2BE2DE-7B06-47ED-A674-15D45448F357",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:x64:*:*:*:*:*",
"matchCriteriaId": "57ECAAA8-8709-4AC7-9CE7-49A8040C04D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_xp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B47EBFCC-1828-45AB-BC6D-FB980929A81A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:3ware:3dm_disk_management_software:*:sp1:*:*:*:*:*:*",
"matchCriteriaId": "3FDD57E0-16A0-4868-B6E2-DFA72B57F5BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:3ware:3dm_disk_management_software:*:sp2:*:*:*:*:*:*",
"matchCriteriaId": "9DF211B8-FFA0-4138-A3AC-F57CD7BD817F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Microsoft Windows Explorer (explorer.exe) allows user-assisted remote attackers to cause a denial of service (CPU consumption) via a certain PNG file with a large tEXt chunk that possibly triggers an integer overflow in PNG chunk size handling, as demonstrated by badlycrafted.png."
},
{
"lang": "es",
"value": "Microsoft Windows Explorer (explorer.exe) permite a atacantes remotos con la complicidad del usuario provocar una denegaci\u00f3n de servicio (consumo de CPU) mediante cierto fichero PNG con un trozo de texto grande que posiblemente provoca un desbordamiento de entero en el manejo del tama\u00f1o de trozos PNG, como ha sido demostrado por badlycrafted.png."
}
],
"id": "CVE-2007-5133",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2007-09-27T19:17:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/45521"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/480594/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/480706/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/480827/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/480854/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/480864/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/25816"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/45521"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/480594/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/480706/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/480827/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/480854/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/480864/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/25816"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-189"
},
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…