Executive Summary
| Summary | |
|---|---|
| Title | Vulnerability in Universal Plug and Play Could Allow Remote Code Execution (931261) |
| Informations | |||
|---|---|---|---|
| Name | MS07-019 | First vendor Publication | 2007-04-10 |
| Vendor | Microsoft | Last vendor Modification | 2007-04-10 |
| Severity (Vendor) | Critical | Revision | N/A |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:A/AC:H/Au:N/C:C/I:C/A:C) | |||
|---|---|---|---|
| Cvss Base Score | 6.8 | Attack Range | Adjacent network |
| Cvss Impact Score | 10 | Attack Complexity | High |
| Cvss Expoit Score | 3.2 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| This update resolves a newly discovered, privately reported vulnerability. The vulnerability is documented in its own subsection in the Vulnerability Details section of this bulletin. We recommend that customers apply the update immediately. |
CWE : Common Weakness Enumeration
| % | Id | Name |
|---|---|---|
| 100 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
OVAL Definitions
| Definition Id: oval:org.mitre.oval:def:2049 | |||
| Oval ID: | oval:org.mitre.oval:def:2049 | ||
| Title: | UPnP Memory Corruption Vulnerability | ||
| Description: | Stack-based buffer overflow in the Universal Plug and Play (UPnP) service in Microsoft Windows XP SP2 allows remote attackers on the same subnet to execute arbitrary code via crafted HTTP headers in request or notification messages, which trigger memory corruption. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2007-1204 | Version: | 5 |
| Platform(s): | Microsoft Windows XP | Product(s): | |
| Definition Synopsis: | |||
| |||
CPE : Common Platform Enumeration
| Type | Description | Count |
|---|---|---|
| Os | 1 |
Open Source Vulnerability Database (OSVDB)
| Id | Description |
|---|---|
| 34010 | Microsoft Windows XP UPnP Remote Memory Corruption A remote overflow exists in Windows XP. The Universal Plug and Play component fails to proper check boundary conditions when parsing certain HTTP headers resulting in a stack-based overflow. With a specially crafted HTTP request, an attacker can cause code execution with Local Service privileges resulting in a loss of integrity. |
Information Assurance Vulnerability Management (IAVM)
| Date | Description |
|---|---|
| 2007-04-12 | IAVM : 2007-B-0008 - Microsoft Windows Universal Plug and Play Vulnerability Severity : Category I - VMSKEY : V0013936 |
Snort® IPS/IDS
| Date | Description |
|---|---|
| 2014-01-10 | Microsoft Windows UPnP notification type overflow attempt RuleID : 10475 - Revision : 14 - Type : OS-WINDOWS |
Nessus® Vulnerability Scanner
| Date | Description |
|---|---|
| 2007-04-10 | Name : Arbitrary code can be executed on the remote host due to a flaw in the Plug-A... File : smb_nt_ms07-019.nasl - Type : ACT_GATHER_INFO |
Alert History
| Date | Informations |
|---|---|
| 2014-02-17 11:45:39 |
|
| 2014-01-19 21:30:04 |
|
| 2013-11-11 12:41:05 |
|
| 2013-05-11 12:21:59 |
|
