{"vuid":"VU#511577","idnumber":"511577","name":"Microsoft Malware Protection Engine fails to properly process a specially crafted PDF File","keywords":["Microsoft Malware Protection Engine","remote code execution","PDF file","ms07-feb"],"overview":"A vulnerability in the way Microsoft Malware Protection Engine processes PDF files may lead to execution of arbitrary code.","clean_desc":"Microsoft Malware Protection Engine contains a vulnerability that could be exploited when it attempts to process specially crafted PDF files. According to Microsoft Security Bulletin MS07-010, an integer overflow vulnerability exists in the way that the Microsoft Malware Protection Engine processes Portable Document Format (PDF) files. An attacker with the ability to supply a specially crafted PDF file could exploit this vulnerability. Note that according to Microsoft the Malware Protection Engine is a coponent of the following: Windows Live OneCare\nMicrosoft Antigen for Exchange 9.x\nMicrosoft Antigen for SMTP Gateway 9.x\nMicrosoft Windows Defender\nMicrosoft Windows Defender x64 Edition\nMicrosoft Windows Defender in Windows Vista\nMicrosoft Forefront Security for Exchange Server\nMicrosoft Forefront Security for SharePoint","impact":"A remote, unauthenticated attacker may be able to execute arbitrary code or cause a denial-of-service condition.","resolution":"Update\nMicrosoft has released an update to address this issue. See Microsoft Security Bulletin MS07-010 for more details.","workarounds":"","sysaffected":"","thanks":"This vulnerability was reported in Microsoft Security Bulletin \nms07-10\n. Microsoft credits Neel Mehta and Alex Wheeler of ISS X-Force for reporting this issue.","author":"This document was written by Chris Taschner.","public":["http://www.microsoft.com/technet/security/Bulletin/ms07-010.mspx","http://secunia.com/advisories/24146/","http://securitytracker.com/alerts/2007/Feb/1017636.html","http://www.securityfocus.com/bid/22479"],"cveids":["CVE-2006-5270"],"certadvisory":"","uscerttechnicalalert":null,"datecreated":"2007-02-13T19:26:39Z","publicdate":"2007-02-13T00:00:00Z","datefirstpublished":"2007-02-20T13:39:47Z","dateupdated":"2007-02-23T13:53:40Z","revision":15,"vrda_d1_directreport":"0","vrda_d1_population":"3","vrda_d1_impact":"3","cam_widelyknown":"15","cam_exploitation":"0","cam_internetinfrastructure":"4","cam_population":"15","cam_impact":"20","cam_easeofexploitation":"12","cam_attackeraccessrequired":"20","cam_scorecurrent":"25.65","cam_scorecurrentwidelyknown":"32.4","cam_scorecurrentwidelyknownexploited":"59.4","ipprotocol":"","cvss_accessvector":"","cvss_accesscomplexity":"","cvss_authentication":null,"cvss_confidentialityimpact":"","cvss_integrityimpact":"","cvss_availabilityimpact":"","cvss_exploitablity":null,"cvss_remediationlevel":"","cvss_reportconfidence":"","cvss_collateraldamagepotential":"","cvss_targetdistribution":"","cvss_securityrequirementscr":"","cvss_securityrequirementsir":"","cvss_securityrequirementsar":"","cvss_basescore":"","cvss_basevector":"","cvss_temporalscore":"","cvss_environmentalscore":"","cvss_environmentalvector":"","metric":25.65,"vulnote":null}