Vulnerability Name: CVE-2007-2237 (CCN-34743)
Assigned: 2007-06-06
Published: 2007-06-06
Updated: 2018-10-16
Summary: Microsoft Windows Graphics Device Interface (GDI+, GdiPlus.dll) allows context-dependent attackers to cause a denial of service (crash) via an ICO file with an InfoHeader containing a Height of zero, which triggers a divide-by-zero error.
CVSS v3 Severity: 3.7 Low (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L)
CVSS v2 Severity:
7.1 High (CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:C)
6.1 Medium (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:C/E:POC/RL:U/RC:UR)
2.2 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:H/Au:N/C:N/I:N/A:P/E:POC/RL:U/RC:UR)
Vulnerability Type: CWE-Other
Vulnerability Consequences: Denial of Service
References:
Source: CCN Type: BugTraq Mailing List, Thu Jun 07 2007 - 04:21:23 CDT CSIS Advisory: Microsoft GDI+ Integer division by zero flaw handling .ICO files
Source: CCN Type: Full-Disclosure Mailing List, Wed Jun 06 2007 - 04:26:16 CDT CSIS Advisory: Microsoft GDI+ Integer division by zero flaw handling .ICO files
Source: MITRE Type: CNA CVE-2007-2237
Source: OSVDB Type: UNKNOWN 38494
Source: CCN Type: SECTRACK ID: 1018202 Microsoft GDI+ ICO File Divide By Zero Bug Lets Remote Users Deny Service
Source: CCN Type: CSIS Security Research and Intelligence Advisory Microsoft GDI+ Integer division by zero flaw handling .ICO files
Source: MISC Type: UNKNOWN http://www.csis.dk/dk/forside/GdiPlus.pdf
Source: CCN Type: US-CERT VU#290961 Microsoft Windows GDI+ ICO InfoHeader Height division by zero vulnerability
Source: CERT-VN Type: US Government Resource VU#290961
Source: CCN Type: OSVDB ID: 38494 Microsoft Windows Graphics Device Interface (GDI+, GdiPlus.dll) ICO Handling DoS
Source: CCN Type: OSVDB ID: 43453 Gimp Crafted ICO File Handling DoS
Source: CCN Type: OSVDB ID: 49895 Microsoft Windows GDI+ gdiplus.dll Crafted ICO File Handling DoS
Source: BUGTRAQ Type: UNKNOWN 20070607 CSIS Advisory: Microsoft GDI+ Integer division by zero flaw handling .ICO files
Source: BID Type: UNKNOWN 24346
Source: CCN Type: BID-24346 Microsoft Windows GDI+ ICO File Remote Denial of Service Vulnerability
Source: SECTRACK Type: UNKNOWN 1018202
Source: VUPEN Type: UNKNOWN ADV-2007-2083
Source: XF Type: UNKNOWN windows-gdi-dos(34743)
Source: EXPLOIT-DB Type: UNKNOWN 4044
Vulnerable Configuration: Configuration 1: Configuration CCN 1: Denotes that component is vulnerable