Vulnerability Note VU#810073
Microsoft Windows Secure Channel integer underflow
A vulnerability in Microsoft Windows Secure Channel security package may lead to execution of arbitrary code.
Microsoft Windows Secure Channel (Schannel) security package implements standard network authentication protocols Secure Sockets Layer (SSL) and Transport Layer Security (TLS). A vulnerability exists in the way Schannel handles specially crafted digital signatures from the server during the SSL handshake, which can result in an integer underflow and heap memory corruption. According to Microsoft Security Bulletin ms07-031:
Schannel performs insufficient checks for specially crafted server-sent digital signatures during the SSL handshake.
According to Microsoft Security Bulletin ms07-031 this vulnerability affects different versions of Microsoft Windows differently:
On Windows XP... An attacker who successfully exploited this vulnerability could remotely take complete control of an affected system.
Do not follow unsolicited links
Systems Affected (Learn More)
|Vendor||Status||Date Notified||Date Updated|
|Microsoft Corporation||Affected||-||13 Jun 2007|
CVSS Metrics (Learn More)
This vulnerability was reported in Microsoft Security Bulletin ms07-031. Microsoft credits Thomas Lim of COSEINC with reporting this issue.
This document was written by Chris Taschner.
- CVE IDs: CVE-2007-2218
- Date Public: 12 Jun 2007
- Date First Published: 14 Jun 2007
- Date Last Updated: 14 Jun 2007
- Severity Metric: 24.30
- Document Revision: 15
If you have feedback, comments, or additional information about this vulnerability, please send us email.