VulDB: Microsoft Windows Malware Protection Engine PDF File buffer overflow
General
scipID: 2932
Affected: Microsoft Windows
Published: 02/13/2007 (Neel Mehta)
Risk: 
problematic
Entry: 98.7% complete
Created: 02/15/2007
Updated: 09/03/2012
Summary
A vulnerability has been found in Microsoft Windows and classified as problematic. This vulnerability affects an unknown function of the component Malware Protection Engine. The manipulation as part of a PDF File leads to a buffer overflow vulnerability. As an impact it is known to affect confidentiality, integrity, and availability.
The weakness was disclosed 02/13/2007 by Neel Mehta with ISS X-Force as MS07-010. The advisory is shared for download at microsoft.com. This vulnerability was named CVE-2006-5270 since 10/13/2006. The attack can be initiated remotely. There are neither technical details nor an exploit publicly available.
The vulnerability scanner Nessus provides a plugin with the ID 24334, which helps to determine the existence of the flaw in a target environment. It is running in the context local and relying on port 139.
Applying the patch MS07-010 is able to eliminate this problem. The bugfix is ready for download at microsoft.com. A possible mitigation has been published immediately after the disclosure of the vulnerability. The vulnerability is also documented in the databases at OSVDB (31888), Secunia (SA24146), SecurityFocus (BID 22479) and SecurityTracker (ID 1017636).CVSS
Base Score: 6.0 (CVSS2#AV:N/AC:M/Au:S/C:P/I:P/A:P) [?]
| Access Vector | Access Complexity | Authentication | Confidentiality | Integrity | Availability |
|---|---|---|---|---|---|
| Local | High | Multiple | None | None | None |
| Adjacent | Medium | Single | Partial | Partial | Partial |
| Network | Low | None | Complete | Complete | Complete |
Exploiting
Class: Buffer overflow
Local: No
Remote: Yes
Availability: No
Nessus ID: 24334
Nessus Risk: High
Nessus Context: local
Nessus Port: 139
Countermeasures
Recommended: Upgrade
Reaction Time: 0 days since reported
0-Day Time: 0 days since found
Exposure Time: 0 days since known
Patch: MS07-010
Timeline
10/13/2006 | CVE assigned
02/13/2007 | Advisory disclosed
02/13/2007 | Countermeasure disclosed
02/13/2007 | Nessus plugin released
02/13/2007 | OSVDB entry created
02/15/2007 | VulDB entry created
09/03/2012 | VulDB entry updated
Sources
Advisory: MS07-010
Researcher: Neel Mehta
Company: ISS X-Force
OSVDB: 31888
CVE: CVE-2006-5270 (mitre.org) (nist.org) (cvedetails.com)
Secunia: 24146
SecurityFocus: 22479
SecurityTracker: 1017636
Vupen: ADV-2007-0579
- Latest Entries
- EMC RSA Authentication API Encryption Key information disclosure
- Cisco Secure Access Control System Web Interface weak authentication
- Python ssl.match_hostname() denial of service
- Mozilla Firefox/Thunderbird nsContentUtils::RemoveScriptBlocker buffer overflow
- Mozilla Firefox/Thunderbird nsFrameList::FirstChild buffer overflow
- Statistics
- Archive
