CVE-2007-5133 - Vulnerability Details

Microsoft Windows Explorer (explorer.exe) allows user-assisted remote attackers to cause a denial of service (CPU consumption) via a certain PNG file with a large tEXt chunk that possibly triggers an integer overflow in PNG chunk size handling, as demonstrated by badlycrafted.png.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Complete

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
3ware	3dm Disk Management Software
Microsoft	Windows 2003 Server Windows Server 2003 Windows Vista Windows Xp

Configuration 1 [-]

OR	cpe:2.3:o:microsoft:windows_2003_server:::itanium:::::*
	cpe:2.3:o:microsoft:windows_2003_server:::std:::::*
	cpe:2.3:o:microsoft:windows_2003_server:::wed:::::*
	cpe:2.3:o:microsoft:windows_2003_server:::x64:::::*
	cpe:2.3:o:microsoft:windows_2003_server:::x64-std:::::*
	cpe:2.3:o:microsoft:windows_2003_server:::xp-64bit:::::*
	cpe:2.3:o:microsoft:windows_2003_server::gold::::::*
	cpe:2.3:o:microsoft:windows_2003_server::gold:itanium:::::
	cpe:2.3:o:microsoft:windows_2003_server::gold:std:::::
	cpe:2.3:o:microsoft:windows_2003_server::gold:wed:::::
	cpe:2.3:o:microsoft:windows_2003_server::gold:x64:::::
	cpe:2.3:o:microsoft:windows_2003_server::gold:x64-std:::::
	cpe:2.3:o:microsoft:windows_2003_server::r2::::::*
	cpe:2.3:o:microsoft:windows_2003_server::r2:std:::::
	cpe:2.3:o:microsoft:windows_2003_server::r2:wed:::::
	cpe:2.3:o:microsoft:windows_2003_server::r2:x64:::::
	cpe:2.3:o:microsoft:windows_2003_server::r2:x64-std:::::
	cpe:2.3:o:microsoft:windows_2003_server::sp1::::::*
	cpe:2.3:o:microsoft:windows_2003_server::sp1:std:::::
	cpe:2.3:o:microsoft:windows_2003_server::sp1:wed:::::
	cpe:2.3:o:microsoft:windows_2003_server::sp2::::::*
	cpe:2.3:o:microsoft:windows_2003_server::sp2:itanium:::::
	cpe:2.3:o:microsoft:windows_2003_server::sp2:std:::::
	cpe:2.3:o:microsoft:windows_2003_server::sp2:wed:::::
	cpe:2.3:o:microsoft:windows_2003_server::sp2:x64:::::
	cpe:2.3:o:microsoft:windows_2003_server:-:::::::*
	cpe:2.3:o:microsoft:windows_server_2003::::::::
	cpe:2.3:o:microsoft:windows_server_2003::-::::::*
	cpe:2.3:o:microsoft:windows_server_2003::sp1::::::*
	cpe:2.3:o:microsoft:windows_server_2003::sp2::::::*
	cpe:2.3:o:microsoft:windows_vista::::::::
	cpe:2.3:o:microsoft:windows_vista:::business:::::*
	cpe:2.3:o:microsoft:windows_vista:::enterprise:::::*
	cpe:2.3:o:microsoft:windows_vista:::home_basic:::::*
	cpe:2.3:o:microsoft:windows_vista:::home_premium:::::*
	cpe:2.3:o:microsoft:windows_vista:::starter:::::*
	cpe:2.3:o:microsoft:windows_vista:::ultimate:::::*
	cpe:2.3:o:microsoft:windows_vista:::x64:::::*
	cpe:2.3:o:microsoft:windows_vista:::x64-business:::::*
	cpe:2.3:o:microsoft:windows_vista:::x64-home_basic:::::*
	cpe:2.3:o:microsoft:windows_vista::gold::::::*
	cpe:2.3:o:microsoft:windows_vista::gold:x64:::::
	cpe:2.3:o:microsoft:windows_vista:-:::::::*
	cpe:2.3:o:microsoft:windows_xp:::64bit:::::*
	cpe:2.3:o:microsoft:windows_xp:::embedded:::::*
	cpe:2.3:o:microsoft:windows_xp:::ibm_oem:::::*
	cpe:2.3:o:microsoft:windows_xp:::media_center:::::*
	cpe:2.3:o:microsoft:windows_xp:::pro:::::*
	cpe:2.3:o:microsoft:windows_xp:::tablet_pc:::::*
	cpe:2.3:o:microsoft:windows_xp:::x64:::::*
	cpe:2.3:o:microsoft:windows_xp::gold::::::*
	cpe:2.3:o:microsoft:windows_xp::gold:embedded:::::
	cpe:2.3:o:microsoft:windows_xp::gold:media_center:::::
	cpe:2.3:o:microsoft:windows_xp::gold:pro:::::
	cpe:2.3:o:microsoft:windows_xp::gold:tablet_pc:::::
	cpe:2.3:o:microsoft:windows_xp::sp1::::::*
	cpe:2.3:o:microsoft:windows_xp::sp1:64bit:::::
	cpe:2.3:o:microsoft:windows_xp::sp1:embedded:::::
	cpe:2.3:o:microsoft:windows_xp::sp1:ibm_oem:::::
	cpe:2.3:o:microsoft:windows_xp::sp1:media_center:::::
	cpe:2.3:o:microsoft:windows_xp::sp1:pro:::::
	cpe:2.3:o:microsoft:windows_xp::sp1:tablet_pc:::::
	cpe:2.3:o:microsoft:windows_xp::sp2::::::*
	cpe:2.3:o:microsoft:windows_xp::sp2:embedded:::::
cpe:2.3:o:microsoft:windows_xp::sp2:media_center:::::
cpe:2.3:o:microsoft:windows_xp::sp2:pro:::::
cpe:2.3:o:microsoft:windows_xp::sp2:tablet_pc:::::
cpe:2.3:o:microsoft:windows_xp::sp2:x64:::::
cpe:2.3:o:microsoft:windows_xp:-:::::::*

Configuration 2 [-]

OR	cpe:2.3:a:3ware:3dm_disk_management_software::sp1::::::*
	cpe:2.3:a:3ware:3dm_disk_management_software::sp2::::::*

No data.

References

Link	Providers
http://osvdb.org/45521
http://www.securityfocus.com/archive/1/480594/100/0/threaded
http://www.securityfocus.com/archive/1/480706/100/0/threaded
http://www.securityfocus.com/archive/1/480827/100/0/threaded
http://www.securityfocus.com/archive/1/480854/100/0/threaded
http://www.securityfocus.com/archive/1/480864/100/0/threaded
http://www.securityfocus.com/bid/25816

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2007-09-27T19:00:00

Updated: 2024-08-07T15:17:28.339Z

Reserved: 2007-09-27T00:00:00

Link: CVE-2007-5133

Vulnrichment

No data.

NVD

Status : Modified

Published: 2007-09-27T19:17:00.000

Modified: 2024-11-21T00:37:12.023

Link: CVE-2007-5133

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2007-09-25T00:00:00", "descriptions": [{"lang": "en", "value": "Microsoft Windows Explorer (explorer.exe) allows user-assisted remote attackers to cause a denial of service (CPU consumption) via a certain PNG file with a large tEXt chunk that possibly triggers an integer overflow in PNG chunk size handling, as demonstrated by badlycrafted.png."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-15T20:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "20070925 Possible Windows Explorer bad PNG file preview integer overflow handling", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/480594/100/0/threaded"}, {"name": "20070927 Re: Possible Windows Explorer bad PNG file preview integer overflow handling", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/480854/100/0/threaded"}, {"name": "20070926 Re: Confirmed: Windows Explorer bad PNG file preview integer overflow handling", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/480706/100/0/threaded"}, {"name": "20070927 Re: Re: Re: Confirmed: Windows Explorer bad PNG file preview integer overflow handling", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/480827/100/0/threaded"}, {"name": "25816", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/25816"}, {"name": "45521", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://osvdb.org/45521"}, {"name": "20070927 Re: Re: Re: Re: Confirmed: Windows Explorer bad PNG file preview integer overflow handling", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/480864/100/0/threaded"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2007-5133", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Microsoft Windows Explorer (explorer.exe) allows user-assisted remote attackers to cause a denial of service (CPU consumption) via a certain PNG file with a large tEXt chunk that possibly triggers an integer overflow in PNG chunk size handling, as demonstrated by badlycrafted.png."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "20070925 Possible Windows Explorer bad PNG file preview integer overflow handling", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/480594/100/0/threaded"}, {"name": "20070927 Re: Possible Windows Explorer bad PNG file preview integer overflow handling", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/480854/100/0/threaded"}, {"name": "20070926 Re: Confirmed: Windows Explorer bad PNG file preview integer overflow handling", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/480706/100/0/threaded"}, {"name": "20070927 Re: Re: Re: Confirmed: Windows Explorer bad PNG file preview integer overflow handling", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/480827/100/0/threaded"}, {"name": "25816", "refsource": "BID", "url": "http://www.securityfocus.com/bid/25816"}, {"name": "45521", "refsource": "OSVDB", "url": "http://osvdb.org/45521"}, {"name": "20070927 Re: Re: Re: Re: Confirmed: Windows Explorer bad PNG file preview integer overflow handling", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/480864/100/0/threaded"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T15:17:28.339Z"}, "title": "CVE Program Container", "references": [{"name": "20070925 Possible Windows Explorer bad PNG file preview integer overflow handling", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/480594/100/0/threaded"}, {"name": "20070927 Re: Possible Windows Explorer bad PNG file preview integer overflow handling", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/480854/100/0/threaded"}, {"name": "20070926 Re: Confirmed: Windows Explorer bad PNG file preview integer overflow handling", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/480706/100/0/threaded"}, {"name": "20070927 Re: Re: Re: Confirmed: Windows Explorer bad PNG file preview integer overflow handling", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/480827/100/0/threaded"}, {"name": "25816", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/25816"}, {"name": "45521", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://osvdb.org/45521"}, {"name": "20070927 Re: Re: Re: Re: Confirmed: Windows Explorer bad PNG file preview integer overflow handling", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/480864/100/0/threaded"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2007-5133", "datePublished": "2007-09-27T19:00:00", "dateReserved": "2007-09-27T00:00:00", "dateUpdated": "2024-08-07T15:17:28.339Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:*:itanium:*:*:*:*:*", "matchCriteriaId": "580632FB-7EB8-4DC6-A372-742D4523BF79", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:*:std:*:*:*:*:*", "matchCriteriaId": "9562EC45-0F28-4E4D-AA16-7E34241F26B5", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:*:wed:*:*:*:*:*", "matchCriteriaId": "1DA5F012-9457-4562-B50C-2C674008B494", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:*:x64:*:*:*:*:*", "matchCriteriaId": "CD264C73-360E-414D-BE22-192F92E5A0A3", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:*:x64-std:*:*:*:*:*", "matchCriteriaId": "4EF7C885-1142-477C-9AA2-5068EB9EFE82", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:*:xp-64bit:*:*:*:*:*", "matchCriteriaId": "5B5D0781-714B-4BE8-B74A-3A2CBC58F604", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:gold:*:*:*:*:*:*", "matchCriteriaId": "6F3C557A-71D8-47F9-9E12-CE938F301E66", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:gold:itanium:*:*:*:*:*", "matchCriteriaId": "81C8959A-915B-472F-B043-A57BA11FDB93", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:gold:std:*:*:*:*:*", "matchCriteriaId": "00C55EE5-2F70-4DC3-937A-BB5F13AC078E", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:gold:wed:*:*:*:*:*", "matchCriteriaId": "918EA750-E48B-438D-9C22-531A153D66B6", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:gold:x64:*:*:*:*:*", "matchCriteriaId": "B92137A3-71F9-466B-87CA-F3E9EF53AE4B", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:gold:x64-std:*:*:*:*:*", "matchCriteriaId": "115D2DE5-8F40-441C-8783-430668AEE356", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:r2:*:*:*:*:*:*", "matchCriteriaId": "7A83A9DC-224F-4887-A4AE-9071B081AE37", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:r2:std:*:*:*:*:*", "matchCriteriaId": "E44AD1AD-C4BD-45F0-953A-13209C772205", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:r2:wed:*:*:*:*:*", "matchCriteriaId": "A52FC62B-4CCD-46C1-B0E1-2328707C28D5", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:r2:x64:*:*:*:*:*", "matchCriteriaId": "0A8D49FA-C8F8-4B59-BBCB-924CC105B371", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:r2:x64-std:*:*:*:*:*", "matchCriteriaId": "701A3529-675F-43B8-89DE-EB571C4CE8B8", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp1:*:*:*:*:*:*", "matchCriteriaId": "FE8F4276-4D97-480D-A542-FE9982FFD765", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp1:std:*:*:*:*:*", "matchCriteriaId": "30A3D604-7DC9-42F3-9DB1-AF32CA4C8BDA", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp1:wed:*:*:*:*:*", "matchCriteriaId": "AAED2910-B2DE-4349-AF56-3AD25A9A6F93", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "2978BF86-5A1A-438E-B81F-F360D0E30C9C", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:itanium:*:*:*:*:*", "matchCriteriaId": "F7EFB032-47F4-4497-B16B-CB9126EAC9DF", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:std:*:*:*:*:*", "matchCriteriaId": "BA1482B6-C9A1-497A-8CD7-63F9F7CEAB3C", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:wed:*:*:*:*:*", "matchCriteriaId": "73CDA5B6-99B9-475E-A8F7-837A7EB9747E", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:x64:*:*:*:*:*", "matchCriteriaId": "6881476D-81A2-4DFD-AC77-82A8D08A0568", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_2003_server:-:*:*:*:*:*:*:*", "matchCriteriaId": "EAA86830-BEA8-4943-83EA-C267FA534223", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:*:*:*:*:*:*:*", "matchCriteriaId": "31A64C69-D182-4BEC-BA8A-7B405F5B2FC0", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:-:*:*:*:*:*:*", "matchCriteriaId": "D826455B-E635-4FB2-9428-81028E10D98F", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp1:*:*:*:*:*:*", "matchCriteriaId": "DA778424-6F70-4AB6-ADD5-5D4664DFE463", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "4D3B5E4F-56A6-4696-BBB4-19DF3613D020", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:*:*:*:*:*:*", "matchCriteriaId": "3852BB02-47A1-40B3-8E32-8D8891A53114", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:business:*:*:*:*:*", "matchCriteriaId": "BDDE7F1B-768A-4A53-8765-E48DEB0EF3D2", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:enterprise:*:*:*:*:*", "matchCriteriaId": "8FF0D88B-821D-4E45-A2EC-5279B9190356", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:home_basic:*:*:*:*:*", "matchCriteriaId": "1A9CAA2B-947F-47E8-A032-DFA2D1F05B6E", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:home_premium:*:*:*:*:*", "matchCriteriaId": "4C17A747-EF5C-4852-89F7-DE45DDD6EB60", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:starter:*:*:*:*:*", "matchCriteriaId": "A2CB64F9-655C-4D56-B1BE-F9C04E5AA678", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:ultimate:*:*:*:*:*", "matchCriteriaId": "F0257B7A-A8D1-4AC9-98C8-324B5B810877", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:x64:*:*:*:*:*", "matchCriteriaId": "1DD1D5ED-FE7C-4ADF-B3AF-1F13E51B4FB5", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:x64-business:*:*:*:*:*", "matchCriteriaId": "FE3A1EF2-B7F1-4006-A4C2-05342703C841", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:x64-home_basic:*:*:*:*:*", "matchCriteriaId": "CCAD23B6-A2F0-48A6-ADFF-6E0E091DD896", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_vista:*:gold:*:*:*:*:*:*", "matchCriteriaId": "D34A558F-A656-43EB-AC52-C3710F77CDD8", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_vista:*:gold:x64:*:*:*:*:*", "matchCriteriaId": "F9DC56EB-EDC4-4DFE-BA9B-B17FF4A91734", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_vista:-:*:*:*:*:*:*:*", "matchCriteriaId": "7CAEEA81-5037-4B68-98D9-83AAEBC98E20", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_xp:*:*:64bit:*:*:*:*:*", "matchCriteriaId": "40DCD873-93E3-403A-8446-65F7E1B4FAD8", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_xp:*:*:embedded:*:*:*:*:*", "matchCriteriaId": "B95B2BE4-B4E0-4B77-9999-53B9224F5CB1", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_xp:*:*:ibm_oem:*:*:*:*:*", "matchCriteriaId": "81A690FA-1808-4E4F-8CBC-75FB5358D439", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_xp:*:*:media_center:*:*:*:*:*", "matchCriteriaId": "403945FA-8676-4D98-B903-48452B46F48F", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_xp:*:*:pro:*:*:*:*:*", "matchCriteriaId": "19DA594E-B495-4C5D-BC94-79582D3983C9", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_xp:*:*:tablet_pc:*:*:*:*:*", "matchCriteriaId": "E4707F3F-F79E-4085-A81B-569204B7B1DB", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_xp:*:*:x64:*:*:*:*:*", "matchCriteriaId": "ACF75FC8-095A-4EEA-9A41-C27CFF3953FB", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_xp:*:gold:*:*:*:*:*:*", "matchCriteriaId": "580B0C9B-DD85-40FA-9D37-BAC0C96D57FC", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_xp:*:gold:embedded:*:*:*:*:*", "matchCriteriaId": "6F874274-760A-4544-BA19-0DB4F051FBB4", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_xp:*:gold:media_center:*:*:*:*:*", "matchCriteriaId": "F3D392C5-7158-459B-B8F4-DB8A89442587", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_xp:*:gold:pro:*:*:*:*:*", "matchCriteriaId": "629092E5-2AE1-4401-BFE6-DFB541A6E781", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_xp:*:gold:tablet_pc:*:*:*:*:*", "matchCriteriaId": "8A6EDD65-D857-49A4-89FF-8DDF0D016613", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp1:*:*:*:*:*:*", "matchCriteriaId": "A74985B6-BCA5-49E3-878B-77D7FA43070C", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp1:64bit:*:*:*:*:*", "matchCriteriaId": "FC8D6802-5F57-477E-B439-529081666852", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp1:embedded:*:*:*:*:*", "matchCriteriaId": "ADEBB882-1C55-4B7B-B4CF-F1B23502FD90", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp1:ibm_oem:*:*:*:*:*", "matchCriteriaId": "2C387041-0A42-4A18-A28B-49F739BB375B", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp1:media_center:*:*:*:*:*", "matchCriteriaId": "6A05337E-18A5-4939-85A0-69583D9B5AD9", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp1:pro:*:*:*:*:*", "matchCriteriaId": "E78E8FC4-9D64-4ADC-B318-55F4337B7EEC", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp1:tablet_pc:*:*:*:*:*", "matchCriteriaId": "B9687E6C-EDE9-42E4-93D0-C4144FEC917A", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "9B339C33-8896-4896-88FF-88E74FDBC543", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:embedded:*:*:*:*:*", "matchCriteriaId": "B6031BA1-2F87-4556-A205-1E1B7661DFCF", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:media_center:*:*:*:*:*", "matchCriteriaId": "7E439FA5-78BF-41B1-BAEC-C1C94CE86F2E", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:pro:*:*:*:*:*", "matchCriteriaId": "261215DA-7018-4CE5-B055-0935DF9089A5", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:tablet_pc:*:*:*:*:*", "matchCriteriaId": "FB2BE2DE-7B06-47ED-A674-15D45448F357", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:x64:*:*:*:*:*", "matchCriteriaId": "57ECAAA8-8709-4AC7-9CE7-49A8040C04D3", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_xp:-:*:*:*:*:*:*:*", "matchCriteriaId": "B47EBFCC-1828-45AB-BC6D-FB980929A81A", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:3ware:3dm_disk_management_software:*:sp1:*:*:*:*:*:*", "matchCriteriaId": "3FDD57E0-16A0-4868-B6E2-DFA72B57F5BB", "vulnerable": true}, {"criteria": "cpe:2.3:a:3ware:3dm_disk_management_software:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "9DF211B8-FFA0-4138-A3AC-F57CD7BD817F", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Microsoft Windows Explorer (explorer.exe) allows user-assisted remote attackers to cause a denial of service (CPU consumption) via a certain PNG file with a large tEXt chunk that possibly triggers an integer overflow in PNG chunk size handling, as demonstrated by badlycrafted.png."}, {"lang": "es", "value": "Microsoft Windows Explorer (explorer.exe) permite a atacantes remotos con la complicidad del usuario provocar una denegaci\u00f3n de servicio (consumo de CPU) mediante cierto fichero PNG con un trozo de texto grande que posiblemente provoca un desbordamiento de entero en el manejo del tama\u00f1o de trozos PNG, como ha sido demostrado por badlycrafted.png."}], "id": "CVE-2007-5133", "lastModified": "2024-11-21T00:37:12.023", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.1, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}]}, "published": "2007-09-27T19:17:00.000", "references": [{"source": "cve@mitre.org", "url": "http://osvdb.org/45521"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/480594/100/0/threaded"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/480706/100/0/threaded"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/480827/100/0/threaded"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/480854/100/0/threaded"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/480864/100/0/threaded"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://www.securityfocus.com/bid/25816"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://osvdb.org/45521"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/480594/100/0/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/480706/100/0/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/480827/100/0/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/480854/100/0/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/480864/100/0/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "http://www.securityfocus.com/bid/25816"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-189"}, {"lang": "en", "value": "CWE-399"}], "source": "nvd@nist.gov", "type": "Primary"}]}

Metrics

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Complete

Affected Vendors & Products

Metrics

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Complete

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object