CVE-2007-0064

Published Dec 12, 2007
Last updated 10 days ago
CVSS info 9.3
Overview

Description: Heap-based buffer overflow in Windows Media Format Runtime 7.1, 9, 9.5, 9.5 x64 Edition, 11, and Windows Media Services 9.1 for Microsoft Windows 2000, XP, Server 2003, and Vista allows user-assisted remote attackers to execute arbitrary code via a crafted Advanced Systems Format (ASF) file.
Source: cve@mitre.org
NVD status: Deferred
Risk scores

CVSS 2.0

Type: Primary
Base score: 9.3
Impact score: 10
Exploitability score: 8.6
Vector string: AV:N/AC:M/Au:N/C:C/I:C/A:C
Weaknesses

nvd@nist.gov: CWE-119
Hype score: Not currently trending
Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "83E7C4A0-78CF-4B56-82BF-EC932BDD8ADF"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:microsoft:windows_media_format_runtime:7.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A375A6D9-5DD3-4DD9-98AF-F513A4C86F88"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "83E7C4A0-78CF-4B56-82BF-EC932BDD8ADF"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "9B339C33-8896-4896-88FF-88E74FDBC543"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:microsoft:windows_media_format_runtime:9:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0FD41070-7ED7-41D6-AF81-C038A8DB3C0D"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:*:x64:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "CD264C73-360E-414D-BE22-192F92E5A0A3"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp1:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "FE8F4276-4D97-480D-A542-FE9982FFD765"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "2978BF86-5A1A-438E-B81F-F360D0E30C9C"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:x64:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "6881476D-81A2-4DFD-AC77-82A8D08A0568"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_xp:*:*:x64:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "ACF75FC8-095A-4EEA-9A41-C27CFF3953FB"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "9B339C33-8896-4896-88FF-88E74FDBC543"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:x64:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "57ECAAA8-8709-4AC7-9CE7-49A8040C04D3"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:microsoft:windows_media_format_runtime:9.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F6DBB016-22A2-4B12-A1A4-DEE8ABF14B9B"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:*:x64:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "CD264C73-360E-414D-BE22-192F92E5A0A3"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:x64:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "6881476D-81A2-4DFD-AC77-82A8D08A0568"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_xp:*:*:x64:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "ACF75FC8-095A-4EEA-9A41-C27CFF3953FB"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:x64:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "57ECAAA8-8709-4AC7-9CE7-49A8040C04D3"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:microsoft:windows_media_format_runtime:9.5:*:x64:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "87AA5126-90FF-40F5-8664-E8260C2C8CF5"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:x64:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "1DD1D5ED-FE7C-4ADF-B3AF-1F13E51B4FB5"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_vista:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "7CAEEA81-5037-4B68-98D9-83AAEBC98E20"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_xp:*:*:x64:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "ACF75FC8-095A-4EEA-9A41-C27CFF3953FB"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "9B339C33-8896-4896-88FF-88E74FDBC543"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:x64:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "57ECAAA8-8709-4AC7-9CE7-49A8040C04D3"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:microsoft:windows_media_format_runtime:11:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "61AAD264-CC98-4FB7-BDDD-6920D4AD1B5D"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:*:x64:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "CD264C73-360E-414D-BE22-192F92E5A0A3"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp1:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "FE8F4276-4D97-480D-A542-FE9982FFD765"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "2978BF86-5A1A-438E-B81F-F360D0E30C9C"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:x64:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "6881476D-81A2-4DFD-AC77-82A8D08A0568"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:microsoft:windows_media_services:9.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A3E3CAB6-D1AF-4B13-97E3-0E96D4F32F87"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]
Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References
