CVE-2007-2237

Published: 06/06/2007 Updated: 02/02/2024
CVSS v2 Base Score: 7.1 | Impact Score: 6.9 | Exploitability Score: 8.6
CVSS v3 Base Score: 5.5 | Impact Score: 3.6 | Exploitability Score: 1.8
VMScore: 720
Vector: AV:N/AC:M/Au:N/C:N/I:N/A:C

Vulnerability Summary

Microsoft Windows Graphics Device Interface (GDI+, GdiPlus.dll) allows context-dependent malicious users to cause a denial of service (crash) via an ICO file with an InfoHeader containing a Height of zero, which triggers a divide-by-zero error.

Vulnerable Product

microsoft windows xp -

Vendor Advisories

Debian Bug report logs - #885382 gimp: CVE-2007-3126
Package: src:gimp; Maintainer for src:gimp is Debian GNOME Maintainers <pkg-gnome-maintainers@lists.alioth.debian.org>; Reported by: Salvatore Bonaccorso <carnil@debian.org>
Date: Tue, 26 Dec 2017 16:18:04 UTC
Severity: normal
Tags: fixed-upstream, patch, security, ...

Exploits

Author: kad
Mail: kad[at]highsecu[dot]com
Site: www.highsecu.com
highsecu.ico - Microsoft GDI+ Integer division by zero flaw handling ICO files github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/4 ...

source: www.securityfocus.com/bid/24346/info
Microsoft Windows is prone to a remote denial-of-service vulnerability because it fails to properly handle maliciously crafted ICO files. An attacker may exploit this issue by enticing victims into opening a malicious file. Successful exploits will result in denial-of-service conditions on appl ...