CVE-2007-1765
EXPLOITEDMicrosoft Windows 2000 < 6 - Denial of Service
Title source: ruleDescription
Unspecified vulnerability in Microsoft Windows 2000 SP4 through Vista allows remote attackers to execute arbitrary code or cause a denial of service (persistent reboot) via a malformed ANI file, which results in memory corruption when processing cursors, animated cursors, and icons, a similar issue to CVE-2005-0416, as originally demonstrated using Internet Explorer 6 and 7. NOTE: this issue might be a duplicate of CVE-2007-0038; if so, then use CVE-2007-0038 instead of this identifier.
Exploits (12)
exploitdb
WORKING POC
VERIFIED
by Metasploit · rubyremotewindows
https://www.exploit-db.com/exploits/16698
exploitdb
WORKING POC
VERIFIED
by jamikazu · textremotewindows
https://www.exploit-db.com/exploits/3634
exploitdb
WORKING POC
VERIFIED
by Trirat Puttaraksa · textremotewindows
https://www.exploit-db.com/exploits/3635
exploitdb
WORKING POC
VERIFIED
by jamikazu · textremotewindows
https://www.exploit-db.com/exploits/3636
exploitdb
WORKING POC
VERIFIED
by devcode · c++localwindows
https://www.exploit-db.com/exploits/3617
metasploit
WORKING POC
GREAT
by hdm, skape · rubypocwin
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/email/ms07_017_ani_loadimage_chunksize.rb
References (11)
Scores
EPSS
0.6078
EPSS Percentile
98.3%
Details
VulnCheck KEV
2007-03-30
Status
published
Products (10)
avaya/definity_one_media_server
avaya/ip600_media_servers
avaya/s3400
avaya/s8100
microsoft/ie
7.0
microsoft/internet_explorer
< 6
microsoft/windows_2000
(20 CPE variants)
microsoft/windows_2003_server
(4 CPE variants)
microsoft/windows_vista
(9 CPE variants)
microsoft/windows_xp
(4 CPE variants)
Published
Mar 30, 2007
Tracked Since
Feb 18, 2026