CVE-2007-1347
published 2007-03-08CVE-2007-1347: Microsoft Windows Explorer on Windows 2000 SP4 FR and XP SP2 FR, and possibly other versions and platforms, allows remote attackers to cause a denial of…
PriorityP431high7.1CVSS 2.0
AVNACMAuNCNINAC
EXPLOIT
EPSS
31.59%
98.1th percentile
Microsoft Windows Explorer on Windows 2000 SP4 FR and XP SP2 FR, and possibly other versions and platforms, allows remote attackers to cause a denial of service (memory corruption and crash) via an Office file with crafted document summary information, which causes an error in Ole32.dll.
Detection & IOCsextracted from sources · hover to see the quote
- →The vulnerability is triggered via crafted Office document summary information parsed by Ole32.dll; hunt for .doc files with anomalous data at file offsets 0x4460 and 0x4519. ↗
- ·Exploit was confirmed only on Windows 2000 SP4 FR and Windows XP SP2 FR (French locale); behaviour on other language versions or service pack levels is unconfirmed. ↗
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-6r26-5g48-43w4: Multiple buffer overflows in system DLL files in Microsoft Windows XP, as used by Microsoft Windows Explorer (explorer
ghsa_unreviewed·2022-05-01·CVSS 7.1
CVE-2007-5145 [HIGH] CWE-119 GHSA-6r26-5g48-43w4: Multiple buffer overflows in system DLL files in Microsoft Windows XP, as used by Microsoft Windows Explorer (explorer
Multiple buffer overflows in system DLL files in Microsoft Windows XP, as used by Microsoft Windows Explorer (explorer.exe) 6.00.2900.2180, Don Ho Notepad++, unspecified Adobe Macromedia applications, and other programs, allow user-assisted remote attackers to cause a denial of service (application crash) via long strings in the (1) author, (2) title, (3) subject, and (4) comment Properties fields of a file, possibly involving improper handling of extended file attributes by the (a) NtQueryInformationFile, (b) NtQueryDirectoryFile, (c) NtSetInformationFile, (d) FileAllInformation, (e) FileNameInformation, and other FILE_INFORMATION_CLASS functions in ntdll.dll and the (f) GetFileAttributesExW and (g) GetFileAttributesW functions in kernel32.dll, a related issue to CVE-2007-1347.
GHSA
GHSA-45rg-6g9m-wwpw: Microsoft Windows Explorer on Windows 2000 SP4 FR and XP SP2 FR, and possibly other versions and platforms, allows remote attackers to cause a denial
ghsa_unreviewed·2022-05-01
CVE-2007-1347 [HIGH] CWE-119 GHSA-45rg-6g9m-wwpw: Microsoft Windows Explorer on Windows 2000 SP4 FR and XP SP2 FR, and possibly other versions and platforms, allows remote attackers to cause a denial
Microsoft Windows Explorer on Windows 2000 SP4 FR and XP SP2 FR, and possibly other versions and platforms, allows remote attackers to cause a denial of service (memory corruption and crash) via an Office file with crafted document summary information, which causes an error in Ole32.dll.
No detection rules found.
No writeups or analysis indexed.
http://lostmon.blogspot.com/2007/08/windows-extended-file-attributes-buffer.htmlhttp://osvdb.org/36141http://www.kb.cert.org/vuls/id/194944http://www.securityfocus.com/bid/22847http://www.securitytracker.com/id?1017736https://www.exploit-db.com/exploits/3419http://lostmon.blogspot.com/2007/08/windows-extended-file-attributes-buffer.htmlhttp://osvdb.org/36141http://www.kb.cert.org/vuls/id/194944http://www.securityfocus.com/bid/22847http://www.securitytracker.com/id?1017736https://www.exploit-db.com/exploits/3419
2007-03-08
Published