Microsoft Windows Explorer WMF File Handling Denial of Service Vulnerability
BID:22715
Info
Microsoft Windows Explorer WMF File Handling Denial of Service Vulnerability
| Bugtraq ID: | 22715 |
| Class: | Failure to Handle Exceptional Conditions |
| CVE: |
CVE-2007-1090 |
| Remote: | Yes |
| Local: | No |
| Published: | Feb 25 2007 12:00AM |
| Updated: | May 12 2015 07:34PM |
| Credit: | sehato and AzM independently discovered this vulnerability. |
| Vulnerable: |
Microsoft Windows XP Tablet PC Edition SP2 Microsoft Windows XP Tablet PC Edition SP1 Microsoft Windows XP Tablet PC Edition Microsoft Windows XP Professional SP2 Microsoft Windows XP Professional SP1 Microsoft Windows XP Professional Microsoft Windows XP Media Center Edition SP2 Microsoft Windows XP Media Center Edition SP1 Microsoft Windows XP Media Center Edition Microsoft Windows XP Home SP2 Microsoft Windows XP Home SP1 Microsoft Windows XP Home Microsoft Windows Server 2003 Web Edition SP1 Microsoft Windows Server 2003 Web Edition Microsoft Windows Server 2003 Standard Edition SP1 Microsoft Windows Server 2003 Standard Edition Microsoft Windows Server 2003 Enterprise Edition SP1 Microsoft Windows Server 2003 Enterprise Edition Microsoft Windows Server 2003 Datacenter Edition SP1 Microsoft Windows Server 2003 Datacenter Edition |
| Not Vulnerable: | |
Discussion
Microsoft Windows Explorer WMF File Handling Denial of Service Vulnerability
Microsoft Windows Explorer is prone to a denial-of-service vulnerability.
A remote attacker may exploit this vulnerability by presenting a malicious file to a victim user. Users do not have to open the file -- simply browsing a folder containing the malicious file is sufficient to trigger this issue.
A successful exploit will crash the vulnerable application, effectively denying service.
This issue may be related to BID 19365 (Microsoft Windows GDI32.DLL WMF Remote Denial of Service Vulnerability) or BID 21992 (Microsoft Windows Explorer WMF File Denial of Service Vulnerability).
Microsoft Windows Explorer is prone to a denial-of-service vulnerability.
A remote attacker may exploit this vulnerability by presenting a malicious file to a victim user. Users do not have to open the file -- simply browsing a folder containing the malicious file is sufficient to trigger this issue.
A successful exploit will crash the vulnerable application, effectively denying service.
This issue may be related to BID 19365 (Microsoft Windows GDI32.DLL WMF Remote Denial of Service Vulnerability) or BID 21992 (Microsoft Windows Explorer WMF File Denial of Service Vulnerability).
Exploit / POC
Microsoft Windows Explorer WMF File Handling Denial of Service Vulnerability
The following exploit is available:
The following exploit is available:
Solution / Fix
Microsoft Windows Explorer WMF File Handling Denial of Service Vulnerability
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
References
Microsoft Windows Explorer WMF File Handling Denial of Service Vulnerability
References:
References: