CVE-2007-0562

Windows Explorer 6.0.2900.2180 - Denial of Service via Crafted AVI File

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2007-0562. PoCs published by shinnai.

AI-analyzed exploit summary This exploit creates a malformed .avi file that triggers a Denial of Service (DoS) in Windows Explorer when the file is right-clicked. The payload is a minimal AVI header designed to crash Explorer.exe on Windows XP SP2.

Description

Windows Explorer (explorer.exe) 6.0.2900.2180 in Microsoft Windows XP SP2 allows user-assisted remote attackers to cause a denial of service (application crash) via a crafted .avi file, which triggers the crash when the user right clicks on the file.

Exploits (1)

exploitdb WORKING POC VERIFIED

by shinnai · pythondoswindows

https://www.exploit-db.com/exploits/3190

View Code ZIP pw:eip

This exploit creates a malformed .avi file that triggers a Denial of Service (DoS) in Windows Explorer when the file is right-clicked. The payload is a minimal AVI header designed to crash Explorer.exe on Windows XP SP2.

Classification

Working Poc 90%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: Windows Explorer 6.0.2900.2180 (Windows XP SP2)

No auth needed

Prerequisites: Windows XP SP2 with Explorer.exe version 6.0.2900.2180 · Ability to deliver the .avi file to the target system

MITRE ATT&CK

T1499 - Endpoint Denial of Service

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2

Core References

Exploit, Third Party Advisory exploit x_refsource_exploit-db

https://www.exploit-db.com/exploits/3190

Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb

http://osvdb.org/43307

Scores

EPSS 0.1303

EPSS Percentile 95.8%

Details

Status published

Products (1)

microsoft/windows_explorer 6.00.2900.2180

Published Jan 30, 2007

Tracked Since Feb 18, 2026