Vulnerabilities > CVE-2007-0210 - Privilege Escalation vulnerability in Microsoft Windows Image Acquisition Service
Attack vector
LOCAL Attack complexity
LOW Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
The Window Image Acquisition (WIA) Service in Microsoft Windows XP SP2 allows local users to gain privileges via unspecified vectors involving an "unchecked buffer," probably a buffer overflow.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
OS | 1 |
Nessus
NASL family | Windows : Microsoft Bulletins |
NASL id | SMB_NT_MS07-007.NASL |
description | The remote version of Windows contains a version of the Image Acquisition service that contains a vulnerability in the way it starts applications. An authenticated user may exploit this vulnerability to elevate privileges. |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 24331 |
published | 2007-02-13 |
reporter | This script is Copyright (C) 2007-2018 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/24331 |
title | MS07-007: Vulnerability in Windows Image Acquisition Service Could Allow Elevation of Privilege (927802) |
code |
|
Oval
accepted | 2007-04-10T13:44:22.921-04:00 | ||||
class | vulnerability | ||||
contributors |
| ||||
definition_extensions |
| ||||
description | The Window Image Acquisition (WIA) Service in Microsoft Windows XP SP2 allows local users to gain privileges via unspecified vectors involving an "unchecked buffer," probably a buffer overflow. | ||||
family | windows | ||||
id | oval:org.mitre.oval:def:186 | ||||
status | accepted | ||||
submitted | 2007-02-13T14:38:21 | ||||
title | Vulnerability in Windows Image Acquisition Service Could Allow Elevation of Privilege | ||||
version | 70 |
References
- http://secunia.com/advisories/24132
- http://www.osvdb.org/31889
- http://www.securityfocus.com/bid/22499
- http://www.securitytracker.com/id?1017634
- http://www.us-cert.gov/cas/techalerts/TA07-044A.html
- http://www.vupen.com/english/advisories/2007/0576
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-007
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A186