1. Home
  2. CVE Database
  3. CVE-2007-5133
HIGH · 7.1

CVE-2007-5133

Microsoft Windows Explorer (explorer.exe) allows user-assisted remote attackers to cause a denial of service (CPU consumption) via a certain PNG file with a large tEXt chunk that possibly triggers an ...

Vulnerability Description

Microsoft Windows Explorer (explorer.exe) allows user-assisted remote attackers to cause a denial of service (CPU consumption) via a certain PNG file with a large tEXt chunk that possibly triggers an integer overflow in PNG chunk size handling, as demonstrated by badlycrafted.png.

CVSS Score

7.1

HIGH

AV:N/AC:M/Au:N/C:N/I:N/A:C
Confidentiality
NONE
Integrity
NONE
Availability
COMPLETE

Affected Products

VendorProductVersions
MicrosoftWindows 2003 ServerAll versions
MicrosoftWindows Server 2003All versions
MicrosoftWindows VistaAll versions
MicrosoftWindows XpAll versions
3Ware3Dm Disk Management SoftwareAll versions

Related Weaknesses (CWE)

CWE-189CWE-399

References

FAQ

What is CVE-2007-5133?

CVE-2007-5133 is a vulnerability with a CVSS score of 7.1 (HIGH). Microsoft Windows Explorer (explorer.exe) allows user-assisted remote attackers to cause a denial of service (CPU consumption) via a certain PNG file with a large tEXt chunk that possibly triggers an ...

How severe is CVE-2007-5133?

CVE-2007-5133 has been rated HIGH with a CVSS base score of 7.1/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2007-5133?

Check the references section above for vendor advisories and patch information. Affected products include: Microsoft Windows 2003 Server, Microsoft Windows Server 2003, Microsoft Windows Vista, Microsoft Windows Xp, 3Ware 3Dm Disk Management Software.