Microsoft Windows Explorer JPG File Denial of Service Vulnerability

Bugtraq ID:	25207
Class:	Failure to Handle Exceptional Conditions
CVE:	CVE-2007-4227
Remote:	Yes
Local:	No
Published:	Aug 06 2007 12:00AM
Updated:	May 07 2015 05:36PM
Credit:	CrazyAngel is credited with the discovery of this vulnerability.
Vulnerable:	Microsoft Windows XP 0
Not Vulnerable:

Microsoft Windows Explorer JPG File Denial of Service Vulnerability

Microsoft Windows Explorer is prone to a denial-of-service vulnerability.

An attacker could exploit this issue to cause Explorer to crash, effectively denying service. Arbitrary code execution may be possible, but this has not been confirmed.

This issue affects Windows Explorer on Microsoft Windows XP; other operating systems may also be affected.

Microsoft Windows Explorer JPG File Denial of Service Vulnerability

The following proof-of-concept exploit is available:

• /data/vulnerabilities/exploits/25207.pl

Microsoft Windows Explorer JPG File Denial of Service Vulnerability

Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].

Microsoft Windows Explorer JPG File Denial of Service Vulnerability

References:

• Microsoft Windows Homepage (Microsoft )
  
• CORRECTION: EXPL0it FIXED :JPG PoC denial of service exploit by CrazyAngel (CrazyAngel)