CVE-2007-1765

critical Microsoft
CVSS v3 Base Score
9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C
EPSS Score
60.8%
Exploitation probability in 30 days
Top 2% most likely to be exploited
Attack Characteristics
Attack Vector
Network
Attack Complexity
M
Confidentiality
C
Integrity
C
Availability
C
Published: March 30, 2007 (6985 days ago)
Last Modified: April 23, 2026
Vendor: Microsoft
Source: NVD

Description

Unspecified vulnerability in Microsoft Windows 2000 SP4 through Vista allows remote attackers to execute arbitrary code or cause a denial of service (persistent reboot) via a malformed ANI file, which results in memory corruption when processing cursors, animated cursors, and icons, a similar issue to CVE-2005-0416, as originally demonstrated using Internet Explorer 6 and 7. NOTE: this issue might be a duplicate of CVE-2007-0038; if so, then use CVE-2007-0038 instead of this identifier.

CWE

NVD-CWE-noinfo

Affected Products

microsoft windows 2000microsoft windows 2003 servermicrosoft windows vistamicrosoft windows xpavaya ip600 media serversmicrosoft iemicrosoft internet exploreravaya definity one media serveravaya s3400avaya s8100

References

🔗 asert.arbornetworks.com 🔗 research.eeye.com 🔗 vil.nai.com 🔗 www.avertlabs.com 🔗 www.avertlabs.com