Russian Vulnerability Scanner Database

Back to List

CVE-2007-0038

Scores

EPSS

0.880high88.0%
0%20%40%60%80%100%

Percentile: 88.0%

CVSS

9.3critical2.0
0246810

CVSS Score: 9.3/10

All CVSS Scores

CVSS 2.0
9.3

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Description

Stack-based buffer overflow in the animated cursor code in Microsoft Windows 2000 SP4 through Vista allows remote attackers to execute arbitrary code or cause a denial of service (persistent reboot) via a large length value in the second (or later) anih block of a RIFF .ANI, cur, or .ico file, which results in memory corruption when processing cursors, animated cursors, and icons, a variant of CVE-2005-0416, as originally demonstrated using Internet Explorer 6 and 7. NOTE: this might be a duplicate of CVE-2007-1765; if so, then CVE-2007-0038 should be preferred.

Scaner-VS 7 — a modern vulnerability management solution

Uses this database for vulnerability detection. High-speed search, cross-platform, advanced configuration audit, and flexible filtering. Suitable for organizations of any size.
Learn more about Scaner-VS 7

Sources

nvd

CWEs

CWE-119

Exploits

Exploit ID: 16526

Source: exploitdb

URL: https://www.exploit-db.com/exploits/16526

Exploit ID: 16698

Source: exploitdb

URL: https://www.exploit-db.com/exploits/16698

Exploit ID: 3617

Source: exploitdb

URL: https://www.exploit-db.com/exploits/3617

Exploit ID: 3634

Source: exploitdb

URL: https://www.exploit-db.com/exploits/3634

Exploit ID: 3635

Source: exploitdb

URL: https://www.exploit-db.com/exploits/3635

Exploit ID: 3636

Source: exploitdb

URL: https://www.exploit-db.com/exploits/3636

Exploit ID: 3647

Source: exploitdb

URL: https://www.exploit-db.com/exploits/3647

Exploit ID: 3651

Source: exploitdb

URL: https://www.exploit-db.com/exploits/3651

Exploit ID: 3652

Source: exploitdb

URL: https://www.exploit-db.com/exploits/3652

Exploit ID: 3684

Source: exploitdb

URL: https://www.exploit-db.com/exploits/3684

Exploit ID: 3688

Source: exploitdb

URL: https://www.exploit-db.com/exploits/3688

Exploit ID: 3695

Source: exploitdb

URL: https://www.exploit-db.com/exploits/3695

Exploit ID: 3755

Source: exploitdb

URL: https://www.exploit-db.com/exploits/3755

Exploit ID: 3804

Source: exploitdb

URL: https://www.exploit-db.com/exploits/3804

Exploit ID: 4045

Source: exploitdb

URL: https://www.exploit-db.com/exploits/4045

Exploit ID: CVE-2007-0038

Source: github-poc

URL: https://github.com/Axua/CVE-2007-0038

Vulnerable Software (4)

Type: Configuration

Vendor: *

Product: windows_2000

Operating System: * * *

Trait: 
{  "cpe_match": [    {      "cpe23uri": "cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:o:microsoft:windows_2003_server:gold:*...

Source: nvd

Type: Configuration

Vendor: *

Product: windows_2003_server

Operating System: * * *

Trait: 
{  "cpe_match": [    {      "cpe23uri": "cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:o:microsoft:windows_2003_server:gold:*...

Source: nvd

Type: Configuration

Vendor: *

Product: windows_vista

Operating System: * * *

Trait: 
{  "cpe_match": [    {      "cpe23uri": "cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:o:microsoft:windows_2003_server:gold:*...

Source: nvd

Type: Configuration

Vendor: *

Product: windows_xp

Operating System: * * *

Trait: 
{  "cpe_match": [    {      "cpe23uri": "cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:o:microsoft:windows_2003_server:gold:*...

Source: nvd

End of list