{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2007-03-28T00:00:00", "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in Microsoft Windows 2000 SP4 through Vista allows remote attackers to execute arbitrary code or cause a denial of service (persistent reboot) via a malformed ANI file, which results in memory corruption when processing cursors, animated cursors, and icons, a similar issue to CVE-2005-0416, as originally demonstrated using Internet Explorer 6 and 7. NOTE: this issue might be a duplicate of CVE-2007-0038; if so, then use CVE-2007-0038 instead of this identifier."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-16T14:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "20070330 ANI Zeroday, Third Party Patch", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/464287/100/0/threaded"}, {"tags": ["x_refsource_MISC"], "url": "http://research.eeye.com/html/alerts/zeroday/20070328.html"}, {"name": "20070331 Windows .ANI Stack Overflow Exploit", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/464345/100/0/threaded"}, {"name": "ADV-2007-1151", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2007/1151"}, {"tags": ["x_refsource_MISC"], "url": "http://vil.nai.com/vil/content/v_141860.htm"}, {"tags": ["x_refsource_MISC"], "url": "http://www.avertlabs.com/research/blog/?p=230"}, {"name": "23194", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/23194"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.microsoft.com/technet/security/advisory/935423.mspx"}, {"name": "1017827", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id?1017827"}, {"tags": ["x_refsource_MISC"], "url": "http://www.avertlabs.com/research/blog/?p=233"}, {"tags": ["x_refsource_MISC"], "url": "http://asert.arbornetworks.com/2007/03/any-ani-file-could-infect-you/"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2007-1765", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Unspecified vulnerability in Microsoft Windows 2000 SP4 through Vista allows remote attackers to execute arbitrary code or cause a denial of service (persistent reboot) via a malformed ANI file, which results in memory corruption when processing cursors, animated cursors, and icons, a similar issue to CVE-2005-0416, as originally demonstrated using Internet Explorer 6 and 7. NOTE: this issue might be a duplicate of CVE-2007-0038; if so, then use CVE-2007-0038 instead of this identifier."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "20070330 ANI Zeroday, Third Party Patch", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/464287/100/0/threaded"}, {"name": "http://research.eeye.com/html/alerts/zeroday/20070328.html", "refsource": "MISC", "url": "http://research.eeye.com/html/alerts/zeroday/20070328.html"}, {"name": "20070331 Windows .ANI Stack Overflow Exploit", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/464345/100/0/threaded"}, {"name": "ADV-2007-1151", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2007/1151"}, {"name": "http://vil.nai.com/vil/content/v_141860.htm", "refsource": "MISC", "url": "http://vil.nai.com/vil/content/v_141860.htm"}, {"name": "http://www.avertlabs.com/research/blog/?p=230", "refsource": "MISC", "url": "http://www.avertlabs.com/research/blog/?p=230"}, {"name": "23194", "refsource": "BID", "url": "http://www.securityfocus.com/bid/23194"}, {"name": "http://www.microsoft.com/technet/security/advisory/935423.mspx", "refsource": "CONFIRM", "url": "http://www.microsoft.com/technet/security/advisory/935423.mspx"}, {"name": "1017827", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1017827"}, {"name": "http://www.avertlabs.com/research/blog/?p=233", "refsource": "MISC", "url": "http://www.avertlabs.com/research/blog/?p=233"}, {"name": "http://asert.arbornetworks.com/2007/03/any-ani-file-could-infect-you/", "refsource": "MISC", "url": "http://asert.arbornetworks.com/2007/03/any-ani-file-could-infect-you/"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T13:06:26.389Z"}, "title": "CVE Program Container", "references": [{"name": "20070330 ANI Zeroday, Third Party Patch", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/464287/100/0/threaded"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://research.eeye.com/html/alerts/zeroday/20070328.html"}, {"name": "20070331 Windows .ANI Stack Overflow Exploit", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/464345/100/0/threaded"}, {"name": "ADV-2007-1151", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2007/1151"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://vil.nai.com/vil/content/v_141860.htm"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.avertlabs.com/research/blog/?p=230"}, {"name": "23194", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/23194"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.microsoft.com/technet/security/advisory/935423.mspx"}, {"name": "1017827", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id?1017827"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.avertlabs.com/research/blog/?p=233"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://asert.arbornetworks.com/2007/03/any-ani-file-could-infect-you/"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2007-1765", "datePublished": "2007-03-30T00:00:00", "dateReserved": "2007-03-29T00:00:00", "dateUpdated": "2024-08-07T13:06:26.389Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows_2000:*:*:*:*:advanced_server:*:*:*", "matchCriteriaId": "AA3A09BE-A21F-452A-AD64-D78DF3380832", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_2000:*:*:*:*:datacenter_server:*:*:*", "matchCriteriaId": "28628E93-4651-4857-A706-DE6FD3580C67", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_2000:*:*:*:*:professional:*:*:*", "matchCriteriaId": "ECC01F98-D6F4-4E85-A955-073E60E90AE8", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_2000:*:*:*:ja:server:*:*:*", "matchCriteriaId": "CE1C0272-4570-4F11-8414-12CB9D3BCEE4", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp1:*:*:advanced_server:*:*:*", "matchCriteriaId": "FD093703-ADE8-4E8A-A709-FCDD038C7D35", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp1:*:*:datacenter_server:*:*:*", "matchCriteriaId": "035D5A83-D654-413E-8640-622F29B20DFD", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp1:*:*:professional:*:*:*", "matchCriteriaId": "A55C505B-9947-4265-AD6C-8DE0523B4D01", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp1:*:*:server:*:*:*", "matchCriteriaId": "E7A27C63-4B55-461B-8383-1A51688027B6", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp2:*:*:advanced_server:*:*:*", "matchCriteriaId": "7614879A-D4A3-47AD-B9ED-BF1215E639A6", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp2:*:*:datacenter_server:*:*:*", "matchCriteriaId": "B0311224-650D-4D20-AF33-59928355F190", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp2:*:*:server:*:*:*", "matchCriteriaId": "29EA0849-935B-4767-B9CE-3896D0975DBF", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp3:*:*:advanced_server:*:*:*", "matchCriteriaId": "27E3BBCC-B815-4512-B786-17FFC1C09297", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp3:*:*:datacenter_server:*:*:*", "matchCriteriaId": "54C7B5CA-D37E-4FDE-A900-B9EAE7ACA65F", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp3:*:*:professional:*:*:*", "matchCriteriaId": "1A6229F8-7710-44FE-93DA-47AA4E09179E", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp3:*:*:server:*:*:*", "matchCriteriaId": "AA73DF99-991C-4677-AAB7-C19FAB4405D5", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:advanced_server:*:*:*", "matchCriteriaId": "50A1A0E5-40BD-437C-A3F0-CC4BA3186DBC", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:datacenter_server:*:*:*", "matchCriteriaId": "B5A46321-D38D-49CD-9A3A-AC1D9946EB4F", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:professional:*:*:*", "matchCriteriaId": "47087873-68DF-418C-BFCD-5E8234560CAA", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:server:*:*:*", "matchCriteriaId": "B7799481-E15D-4DAF-8EE7-63CECD0DF93B", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_2000:-:sp2:*:*:professional:*:*:*", "matchCriteriaId": "4F2339C6-3BAA-48DD-BE2C-EA4271F35772", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_2003_server:-:*:*:*:datacenter:*:*:*", "matchCriteriaId": "865CC1A8-4FCA-49EC-B402-56AB27BF8AD1", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_2003_server:-:*:*:*:enterprise:*:*:*", "matchCriteriaId": "A2166C33-6596-433D-8510-9A90B1679C80", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_2003_server:-:*:*:*:standard:*:*:*", "matchCriteriaId": "9BC12FB3-5FCE-467F-B738-9D89B328BF7D", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_2003_server:-:*:*:*:web_edition:*:*:*", "matchCriteriaId": "76BD407C-26BE-4C0E-9536-B93F1DA64124", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:*:*:*:*:x86:*", "matchCriteriaId": "24F477B8-F69D-4F2D-9045-D2D453F3C222", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:*:*:business:*:*:*", "matchCriteriaId": "6F7D5E7E-ABB8-4F0F-B1B4-93590933C124", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:*:*:december_ctp:*:*:*", "matchCriteriaId": "49BBAFF8-FB79-44A6-8334-D0FA6B896495", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:*:*:enterprise:*:*:*", "matchCriteriaId": "FFAF1539-A847-4F54-B0EB-039E9BFF2562", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:*:*:home_basic:*:*:*", "matchCriteriaId": "99A41253-6047-4060-A966-454A46ECD415", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:*:*:home_premium:*:*:*", "matchCriteriaId": "99FCD96E-986C-4AD6-865C-CACE9FCA4E8E", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_vista:*:beta:*:*:*:*:*:*", "matchCriteriaId": "63A83ABE-7DB1-4A5E-9FA7-A273DCD65DF9", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_vista:*:beta1:*:*:*:*:*:*", "matchCriteriaId": "28550D88-BD1A-464C-83C1-0EEC97FAA1CE", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_vista:*:beta2:*:*:*:*:*:*", "matchCriteriaId": "584B16B3-6EA0-4C20-91BD-D988C667D89E", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:home:*:*:*", "matchCriteriaId": "82E4DD01-9720-4072-899C-3F0953490F19", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:media_center:*:*:*", "matchCriteriaId": "BB64666D-8DC2-4CF9-B6B6-98B97DA17F2A", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:professional:*:*:*", "matchCriteriaId": "B4F42327-FE64-4462-B354-95E9B2CDDAFC", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:tablet_pc:*:*:*", "matchCriteriaId": "A5EEE1A0-CD79-4458-8E6C-705F705AA06C", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:avaya:ip600_media_servers:*:*:*:*:*:*:*:*", "matchCriteriaId": "9692F8E9-E8E9-43A8-87D5-F2409333F8CC", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:ie:7.0:*:vista:*:*:*:*:*", "matchCriteriaId": "3E51CBF2-EFFD-407D-AB34-BDE69EFD60E8", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:internet_explorer:*:*:*:*:*:*:*:*", "matchCriteriaId": "2AD86898-37BB-46C6-AC7E-0A733398E2D7", "versionEndIncluding": "6", "vulnerable": true}, {"criteria": "cpe:2.3:h:avaya:definity_one_media_server:*:*:*:*:*:*:*:*", "matchCriteriaId": "88301496-BED2-45EB-BF19-5F5BF2957373", "vulnerable": true}, {"criteria": "cpe:2.3:h:avaya:s3400:*:*:*:*:*:*:*:*", "matchCriteriaId": "BCB0BA4C-BA48-4DDA-917E-9EA9E04A898F", "vulnerable": true}, {"criteria": "cpe:2.3:h:avaya:s8100:*:*:*:*:*:*:*:*", "matchCriteriaId": "1D190CA6-7807-4361-8FB8-C015B21E66B1", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in Microsoft Windows 2000 SP4 through Vista allows remote attackers to execute arbitrary code or cause a denial of service (persistent reboot) via a malformed ANI file, which results in memory corruption when processing cursors, animated cursors, and icons, a similar issue to CVE-2005-0416, as originally demonstrated using Internet Explorer 6 and 7. NOTE: this issue might be a duplicate of CVE-2007-0038; if so, then use CVE-2007-0038 instead of this identifier."}, {"lang": "es", "value": "Una vulnerabilidad no especificada en Microsoft Windows 2000 SP4 hasta Windows Vista permite a los atacantes remotos ejecutar c\u00f3digo arbitrario o causar una denegaci\u00f3n de servicio (reinicio persistente) por medio de un archivo ANI malformado, lo que resulta en una corrupci\u00f3n de memoria durante el procesamiento de cursores, cursores animados e iconos, un problema similar al CVE-2005-0416, como se demostr\u00f3 originalmente usando Internet Explorer versiones 6 y 7. NOTA: este problema podr\u00eda ser un duplicado del CVE-2007-0038; si es as\u00ed, utilizar el CVE-2007-0038 en lugar de este identificador."}], "id": "CVE-2007-1765", "lastModified": "2021-07-23T12:16:46.640", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2007-03-30T00:19:00.000", "references": [{"source": "cve@mitre.org", "tags": ["Broken Link"], "url": "http://asert.arbornetworks.com/2007/03/any-ani-file-could-infect-you/"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://research.eeye.com/html/alerts/zeroday/20070328.html"}, {"source": "cve@mitre.org", "tags": ["Broken Link"], "url": "http://vil.nai.com/vil/content/v_141860.htm"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://www.avertlabs.com/research/blog/?p=230"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://www.avertlabs.com/research/blog/?p=233"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://www.microsoft.com/technet/security/advisory/935423.mspx"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/464287/100/0/threaded"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/464345/100/0/threaded"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/23194"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id?1017827"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://www.vupen.com/english/advisories/2007/1151"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}