CyberSec.Space Logo
Back to CVE Browser

CVE-2007-1748

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0260%
EPSS Percentile30.04th
PublishedApr 13, 2007
Last ModifiedApr 23, 2026

Vulnerability Description

Stack-based buffer overflow in the RPC interface in the Domain Name System (DNS) Server Service in Microsoft Windows 2000 Server SP 4, Server 2003 SP 1, and Server 2003 SP 2 allows remote attackers to execute arbitrary code via a long zone name containing character constants represented by escape sequences.

Affected Platforms (CPE)

πŸ’»
Microsoft

Windows 2000

All versions
πŸ’»
Microsoft

Windows 2003 Server

= sp1
πŸ’»
Microsoft

Windows 2003 Server

= sp1
πŸ’»
Microsoft

Windows 2003 Server

= sp1
πŸ’»
Microsoft

Windows 2003 Server

= sp2
πŸ’»
Microsoft

Windows 2003 Server

= sp2
πŸ’»
Microsoft

Windows 2003 Server

= sp2

References & Advisories

πŸ”— http://blogs.technet.com/msrc/archive/2007/04/12/microsoft-security-advisory-935964-posted.aspx
πŸ”— http://metasploit.com/svn/framework3/trunk/modules/exploits/windows/dcerpc/msdns_zonename.rb
πŸ”— http://secunia.com/advisories/24871
πŸ”— http://www.kb.cert.org/vuls/id/555920
πŸ”— http://www.microsoft.com/technet/security/advisory/935964.mspx
πŸ”— http://www.securityfocus.com/archive/1/465863/100/100/threaded
πŸ”— http://www.securityfocus.com/archive/1/468871/100/200/threaded
πŸ”— http://www.securityfocus.com/bid/23470

Related Vulnerabilities

CVE-2000-103410.0

Buffer overflow in the System Monitor ActiveX control in Windows 2000 allows remote attackers to execute arbitrary commands via a ...

CVE-2000-006110.0

Internet Explorer 5 does not modify the security zone for a document that is being loaded into a window until after the document h...

CVE-2000-022210.0

The installation for Windows 2000 does not activate the Administrator password until the system has rebooted, which allows remote ...

CVE-2000-107110.0

The GUI installation for iCal 2.1 Patch 2 disables access control for the X server using an "xhost +" command, which allows remote...