CVE-2007-0064

CWE-119 — Buffer Overflow4 documents4 sources

Severity

9.3CRITICAL

EPSS

70.8%

top 1.30%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Microsoft Windows Media Format Runtime Microsoft Windows Media Services

Timeline

PublishedDec 12

Latest updateMay 1

Description

Heap-based buffer overflow in Windows Media Format Runtime 7.1, 9, 9.5, 9.5 x64 Edition, 11, and Windows Media Services 9.1 for Microsoft Windows 2000, XP, Server 2003, and Vista allows user-assisted remote attackers to execute arbitrary code via a crafted Advanced Systems Format (ASF) file.

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages2 packages

▶NVDmicrosoft/windows_media_format_runtime4 versions+3

▶NVDmicrosoft/windows_media_services9.1

🔴Vulnerability Details

GHSA

GHSA-7p6v-hr2m-q9r8: Heap-based buffer overflow in Windows Media Format Runtime 7↗2022-05-01

▶

CVEList

CVE-2007-0064: Heap-based buffer overflow in Windows Media Format Runtime 7↗2007-12-12

▶

💥Exploits & PoCs

Exploit-DB

Microsoft Office 2007 - Malformed Document Stack Buffer Overflow↗2015-08-25

▶