cbcvebase.
CVE-2007-5133
published 2007-09-27

CVE-2007-5133: Microsoft Windows Explorer (explorer.exe) allows user-assisted remote attackers to cause a denial of service (CPU consumption) via a certain PNG file with a…

PriorityP428high7.1CVSS 2.0
AVNACMAuNCNINAC
EXPLOIT
EPSS
22.91%
97.5th percentile
Microsoft Windows Explorer (explorer.exe) allows user-assisted remote attackers to cause a denial of service (CPU consumption) via a certain PNG file with a large tEXt chunk that possibly triggers an integer overflow in PNG chunk size handling, as demonstrated by badlycrafted.png.

Detection & IOCsextracted from sources · hover to see the quote

urlhttps://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/30619.png
filenamebadlycrafted.png
  • Look for PNG files with abnormally large tEXt chunks being opened in explorer.exe; this may indicate exploitation of CVE-2007-5133 triggering CPU exhaustion.
  • Monitor explorer.exe for sustained near-100% CPU consumption, which is the primary symptom of this DoS attack via malformed PNG.
  • Flag PNG files where the tEXt chunk size field contains an unusually large or near-maximum value, consistent with an integer overflow trigger.
  • ·Exploitation is user-assisted; the victim must open or preview the malicious PNG file in Windows Explorer for the DoS to trigger.
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.