CVE-2007-5145

CVE Database · CVE-2007-5145

CVE-2007-5145

· N/AModified

CVSS v3.1

N/A

EPSS

10.42%

Published

Oct 1, 2007

Modified

Apr 22, 2026

Public PoC / Exploit

All weaponized →

No public PoC or exploit code indexed for this CVE.

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Multiple buffer overflows in system DLL files in Microsoft Windows XP, as used by Microsoft Windows Explorer (explorer.exe) 6.00.2900.2180, Don Ho Notepad++, unspecified Adobe Macromedia applications, and other programs, allow user-assisted remote attackers to cause a denial of service (application crash) via long strings in the (1) author, (2) title, (3) subject, and (4) comment Properties fields of a file, possibly involving improper handling of extended file attributes by the (a) NtQueryInformationFile, (b) NtQueryDirectoryFile, (c) NtSetInformationFile, (d) FileAllInformation, (e) FileNameInformation, and other FILE_INFORMATION_CLASS functions in ntdll.dll and the (f) GetFileAttributesExW and (g) GetFileAttributesW functions in kernel32.dll, a related issue to CVE-2007-1347.

Weaknesses (CWE)

CWE-119

Affected Products (1)

microsoft · windows_xpvulnerable

References (6)

http://lostmon.blogspot.com/2007/06/buffer-overflow-in-extended-file.html

Exploit

http://osvdb.org/41064

http://osvdb.org/41065

http://lostmon.blogspot.com/2007/06/buffer-overflow-in-extended-file.html

Exploit

http://osvdb.org/41064

http://osvdb.org/41065

KEV Catalog EPSS Scores Vendors All CVEs