What is the severity of CVE-2007-0038?

CVE-2007-0038 has a CVSS v3 score of 0, which is classified as Low severity.

Is there an exploit available for CVE-2007-0038?

Yes, there are known exploits available for CVE-2007-0038. Immediate patching is recommended.

Is there a patch available for CVE-2007-0038?

Yes, patches are available for CVE-2007-0038. Check the vendor advisories for update instructions.

CVE-2007-0038 - CVE Details, Severity, and Analysis

CVE-2007-0038 - CVE Details, Severity, and Analysis | Strobes VI

Severity Scores

CVSS v30.0

CVSS v29.3

Priority Score0.0

EPSS Score88.0

None

Exploitation LikelihoodCritical

88.00%EPSS

Very high probability of exploitation in the next 30 days

Immediate patching required

88.00%

EPSS

0.0

CVSS

Yes

Exploit

Yes

Patch

High Priority

high EPSS • exploit exists

EPSS predicts the probability of exploitation in the next 30 days based on real-world threat data, complementing CVSS severity scores with actual risk assessment.

Description

Stack-based buffer overflow in the animated cursor code in Microsoft Windows 2000 SP4 through Vista allows remote attackers to execute arbitrary code or cause a denial of service (persistent reboot) via a large length value in the second (or later) anih block of a RIFF .ANI, cur, or .ico file, which results in memory corruption when processing cursors, animated cursors, and icons, a variant of CVE-2005-0416, as originally demonstrated using Internet Explorer 6 and 7. NOTE: this might be a duplicate of CVE-2007-1765; if so, then CVE-2007-0038 should be preferred.

CVSS v3 Breakdown

Attack Vector:-

Attack Complexity:-

Privileges Required:-

User Interaction:-

Scope:-

Confidentiality:-

Integrity:-

Availability:-

Exploit References

GitHub Snort

Patch References

[email protected][email protected][email protected]

Trend Analysis

Neutral

Vulnerable Products

Vendor	Product
Microsoft	Windows 2003 Server
Microsoft