Vulnerability Description
\Device\NdisTapi (NDISTAPI.sys) in Microsoft Windows XP SP2 and 2003 SP1 uses weak permissions, which allows local users to write to the device and cause a denial of service, as demonstrated by using an IRQL to acquire a spinlock on paged memory via the NdisTapiDispatch function.
CVSS Score
LOW
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Microsoft | Windows 2003 Server | sp1 |
| Microsoft | Windows Xp | All versions |
References
- http://secunia.com/advisories/24598
- http://securityreason.com/securityalert/2471
- http://www.osvdb.org/33628
- http://www.reversemode.com/index.php?option=com_remository&Itemid=2&func=fileinf
- http://www.securityfocus.com/archive/1/463208/100/0/threaded
- http://www.securityfocus.com/bid/23025
- http://www.vupen.com/english/advisories/2007/1031
- https://exchange.xforce.ibmcloud.com/vulnerabilities/33086
- http://secunia.com/advisories/24598
- http://securityreason.com/securityalert/2471
- http://www.osvdb.org/33628
- http://www.reversemode.com/index.php?option=com_remository&Itemid=2&func=fileinf
- http://www.securityfocus.com/archive/1/463208/100/0/threaded
- http://www.securityfocus.com/bid/23025
- http://www.vupen.com/english/advisories/2007/1031
FAQ
What is CVE-2007-1537?
CVE-2007-1537 is a vulnerability with a CVSS score of 3.6 (LOW). \Device\NdisTapi (NDISTAPI.sys) in Microsoft Windows XP SP2 and 2003 SP1 uses weak permissions, which allows local users to write to the device and cause a denial of service, as demonstrated by using ...
How severe is CVE-2007-1537?
CVE-2007-1537 has been rated LOW with a CVSS base score of 3.6/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2007-1537?
Check the references section above for vendor advisories and patch information. Affected products include: Microsoft Windows 2003 Server, Microsoft Windows Xp.