CVE-2007-1765

EXPLOITED

Microsoft Windows 2000 < 6 - Denial of Service

Title source: rule

Description

Unspecified vulnerability in Microsoft Windows 2000 SP4 through Vista allows remote attackers to execute arbitrary code or cause a denial of service (persistent reboot) via a malformed ANI file, which results in memory corruption when processing cursors, animated cursors, and icons, a similar issue to CVE-2005-0416, as originally demonstrated using Internet Explorer 6 and 7. NOTE: this issue might be a duplicate of CVE-2007-0038; if so, then use CVE-2007-0038 instead of this identifier.

Exploits (12)

exploitdb WORKING POC VERIFIED

by jamikazu · textremotewindows

https://www.exploit-db.com/exploits/3634

View Code ZIP pw:eip

metasploit WORKING POC GREAT

by hdm, skape · rubypocwin

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/email/ms07_017_ani_loadimage_chunksize.rb

View Code ZIP pw:eip

exploitdb WORKING POC VERIFIED

by jamikazu · textremotewindows

https://www.exploit-db.com/exploits/3636

View Code ZIP pw:eip

exploitdb WORKING POC VERIFIED

by Trirat Puttaraksa · textremotewindows

https://www.exploit-db.com/exploits/3635

View Code ZIP pw:eip

exploitdb WORKING POC VERIFIED

by devcode · clocalwindows

https://www.exploit-db.com/exploits/3652

View Code ZIP pw:eip

exploitdb WORKING POC VERIFIED

by devcode · c++localwindows

https://www.exploit-db.com/exploits/3617

View Code ZIP pw:eip

exploitdb WORKING POC

clocalwindows

https://www.exploit-db.com/exploits/3647

View on exploitdb

exploitdb WORKING POC

clocalwindows

https://www.exploit-db.com/exploits/3695

View on exploitdb

exploitdb WORKING POC

pythonremotewindows

https://www.exploit-db.com/exploits/4045

View on exploitdb

exploitdb WORKING POC

cdoswindows

https://www.exploit-db.com/exploits/3684

View on exploitdb

exploitdb WORKING POC

remotewindows

https://www.exploit-db.com/exploits/3651

View on exploitdb

exploitdb WORKING POC VERIFIED

by Metasploit · rubyremotewindows

https://www.exploit-db.com/exploits/16698

View Code ZIP pw:eip

References (11)

[Broken Link] http://asert.arbornetworks.com/2007/03/any-ani-file-could-infect-you/

[Third Party Advisory] http://research.eeye.com/html/alerts/zeroday/20070328.html

[Broken Link] http://vil.nai.com/vil/content/v_141860.htm

[Third Party Advisory] http://www.avertlabs.com/research/blog/?p=230

[Third Party Advisory] http://www.avertlabs.com/research/blog/?p=233

[Vendor Advisory] http://www.microsoft.com/technet/security/advisory/935423.mspx

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/23194

[Third Party Advisory, VDB Entry] http://www.securitytracker.com/id?1017827

[Third Party Advisory] http://www.vupen.com/english/advisories/2007/1151

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/archive/1/464287/100/0/threaded

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/archive/1/464345/100/0/threaded

Scores

EPSS 0.6078

EPSS Percentile 98.3%

Exploitation Intel

VulnCheck KEV 2007-03-30

Classification

Status draft

Affected Products (43)

microsoft/windows_2000

microsoft/windows_2000

microsoft/windows_2000

microsoft/windows_2000

microsoft/windows_2000

microsoft/windows_2000

microsoft/windows_2000

microsoft/windows_2000

microsoft/windows_2000

microsoft/windows_2000

microsoft/windows_2000

microsoft/windows_2000

microsoft/windows_2000

microsoft/windows_2000

microsoft/windows_2000

... and 28 more

Timeline

Published Mar 30, 2007

Tracked Since Feb 18, 2026