CVE-2007-1537 — Microsoft Windows 2003 Server vulnerability

3 documents3 sources

Severity

3.6LOWNVD

EPSS

1.0%

top 22.53%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Microsoft Windows 2003 Server

Timeline

PublishedMar 20

Latest updateMay 1

Description

\Device\NdisTapi (NDISTAPI.sys) in Microsoft Windows XP SP2 and 2003 SP1 uses weak permissions, which allows local users to write to the device and cause a denial of service, as demonstrated by using an IRQL to acquire a spinlock on paged memory via the NdisTapiDispatch function.

CVSS vector

AV:L/AC:L/C:N/I:P/A:PExploitability: 3.9 | Impact: 4.9

Affected Packages1 packages

▶NVDmicrosoft/windows_2003_serversp1

🔴Vulnerability Details

GHSA

GHSA-hf7j-6728-pppr: \Device\NdisTapi (NDISTAPI↗2022-05-01

▶

CVEList

CVE-2007-1537: \Device\NdisTapi (NDISTAPI↗2007-03-20

▶