CVE-2007-5133

Microsoft Windows Explorer (explorer.exe) allows user-assisted remote attackers to cause a denial of service (CPU consumption) via a certain PNG file with a large tEXt chunk that possibly triggers an integer overflow in PNG chunk size handling, as demonstrated by badlycrafted.png.

Published: Sep 27, 2007
Updated: Apr 13, 2023
CVE: CVE-2007-5133
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 7.1
AV:N/AC:M/Au:N/C:N/I:N/A:C

CWEs:

CWE-189
CWE-399

Affected Software
References

Software	From	Fixed in
microsoft / windows_2003_server	-	-
microsoft / windows_xp	-	-
microsoft / windows_vista	-	-
microsoft / windows_server_2003	-	-
3ware / 3dm_disk_management_software	-	-

http://osvdb.org/45521
http://www.securityfocus.com/archive/1/480594/100/0/threaded
http://www.securityfocus.com/archive/1/480706/100/0/threaded
http://www.securityfocus.com/archive/1/480827/100/0/threaded
http://www.securityfocus.com/archive/1/480854/100/0/threaded
http://www.securityfocus.com/archive/1/480864/100/0/threaded
http://www.securityfocus.com/bid/25816

Vulnerability Database

289,599

CVE-2007-5133