CVE-2007-1748
EXPLOITEDMicrosoft Windows 2000 - Memory Corruption
Title source: ruleDescription
Stack-based buffer overflow in the RPC interface in the Domain Name System (DNS) Server Service in Microsoft Windows 2000 Server SP 4, Server 2003 SP 1, and Server 2003 SP 2 allows remote attackers to execute arbitrary code via a long zone name containing character constants represented by escape sequences.
Exploits (7)
exploitdb
WORKING POC
VERIFIED
by Metasploit · rubyremotewindows
https://www.exploit-db.com/exploits/16366
exploitdb
WORKING POC
VERIFIED
by Metasploit · rubyremotewindows
https://www.exploit-db.com/exploits/16748
exploitdb
WORKING POC
VERIFIED
by Andres Tarasco · textremotewindows
https://www.exploit-db.com/exploits/3746
exploitdb
WORKING POC
VERIFIED
by Winny Thomas · pythonremotewindows
https://www.exploit-db.com/exploits/3737
metasploit
WORKING POC
MANUAL
by hdm, Unknown, bcoles · rubypocwin
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/smb/ms07_029_msdns_zonename.rb
metasploit
WORKING POC
GREAT
by hdm, Unknown, bcoles · rubypocwin
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/dcerpc/ms07_029_msdns_zonename.rb
References (15)
Scores
EPSS
0.8397
EPSS Percentile
99.3%
Details
VulnCheck KEV
2007-05-08
CWE
CWE-119
Status
published
Products (3)
microsoft/windows_2000
microsoft/windows_2003_server
sp1 (3 CPE variants)
microsoft/windows_2003_server
sp2 (3 CPE variants)
Published
Apr 13, 2007
Tracked Since
Feb 18, 2026