{"vuid":"VU#180345","idnumber":"180345","name":"Microsoft Kodak Image Viewer code execution vulnerability","keywords":["Microsoft","Kodak Image Viewer","remote code execution","crafted image files","ms07-oct"],"overview":"The Kodak Image Viewer that is included in Windows 2000 contains a code execution vulnerability.","clean_desc":"The Kodak Image Viewer is included in Windows 2000. It may also be present on other versions of Windows that were upgraded from Windows 2000. Per Microsoft Security Bulletin MS07-055: A remote code execution vulnerability exists in the way that the Kodak Image Viewer in Windows handles specially crafted image files. An attacker could exploit the vulnerability by constructing a specially crafted image that could potentially allow remote code execution if a user visited a Web site, viewed a specially crafted e-mail message, or opened an e-mail attachment. An attacker who successfully exploited this vulnerability could take complete control of an affected system. Note that there is publicly available proof of concept code that targets this vulnerability.","impact":"A remote, unauthenticated attacker may be able to execute arbitrary code.","resolution":"Update\nMicrosoft has released an update to address this vulnerability.","workarounds":"Run applications as with limited user accounts When possible, running applications with a user account that has limited privileges may reduce the impact of this vulnerability.","sysaffected":"","thanks":"Microsoft credits Cu Fang for reporting and Rita Schappler for providing information about this vulnerability.","author":"This document was written by Ryan Giobbi.","public":["http://www.microsoft.com/technet/security/bulletin/ms07-055.mspx","http://milw0rm.com/exploits/4584","http://www.milw0rm.com/exploits/4616"],"cveids":["CVE-2007-2217"],"certadvisory":"","uscerttechnicalalert":null,"datecreated":"2007-10-09T17:58:40Z","publicdate":"2007-10-09T00:00:00Z","datefirstpublished":"2007-10-30T18:10:57Z","dateupdated":"2007-11-12T16:32:13Z","revision":9,"vrda_d1_directreport":"0","vrda_d1_population":"3","vrda_d1_impact":"4","cam_widelyknown":"18","cam_exploitation":"6","cam_internetinfrastructure":"10","cam_population":"9","cam_impact":"18","cam_easeofexploitation":"10","cam_attackeraccessrequired":"20","cam_scorecurrent":"20.655","cam_scorecurrentwidelyknown":"21.87","cam_scorecurrentwidelyknownexploited":"30.375","ipprotocol":"","cvss_accessvector":"","cvss_accesscomplexity":"","cvss_authentication":null,"cvss_confidentialityimpact":"","cvss_integrityimpact":"","cvss_availabilityimpact":"","cvss_exploitablity":null,"cvss_remediationlevel":"","cvss_reportconfidence":"","cvss_collateraldamagepotential":"","cvss_targetdistribution":"","cvss_securityrequirementscr":"","cvss_securityrequirementsir":"","cvss_securityrequirementsar":"","cvss_basescore":"","cvss_basevector":"","cvss_temporalscore":"","cvss_environmentalscore":"","cvss_environmentalvector":"","metric":20.655,"vulnote":null}