CVE Vulnerabilities

CVE-2007-1537

Published: Mar 20, 2007 | Modified: Oct 16, 2018
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
3.6 LOW
AV:L/AC:L/Au:N/C:N/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

DeviceNdisTapi (NDISTAPI.sys) in Microsoft Windows XP SP2 and 2003 SP1 uses weak permissions, which allows local users to write to the device and cause a denial of service, as demonstrated by using an IRQL to acquire a spinlock on paged memory via the NdisTapiDispatch function.

Affected Software

Name Vendor Start Version End Version
Windows_2003_server Microsoft sp1 sp1
Windows_xp Microsoft * *

References