search menu icon-carat-right cmu-wordmark

CERT Coordination Center

Microsoft Malware Protection Engine fails to properly process a specially crafted PDF File

Vulnerability Note VU#511577

Original Release Date: 2007-02-20 | Last Revised: 2007-02-23


A vulnerability in the way Microsoft Malware Protection Engine processes PDF files may lead to execution of arbitrary code.


Microsoft Malware Protection Engine contains a vulnerability that could be exploited when it attempts to process specially crafted PDF files. According to Microsoft Security Bulletin MS07-010, an integer overflow vulnerability exists in the way that the Microsoft Malware Protection Engine processes Portable Document Format (PDF) files. An attacker with the ability to supply a specially crafted PDF file could exploit this vulnerability.

Note that according to Microsoft the Malware Protection Engine is a coponent of the following:

    • Windows Live OneCare
    • Microsoft Antigen for Exchange 9.x
    • Microsoft Antigen for SMTP Gateway 9.x
    • Microsoft Windows Defender
    • Microsoft Windows Defender x64 Edition
    • Microsoft Windows Defender in Windows Vista
    • Microsoft Forefront Security for Exchange Server
    • Microsoft Forefront Security for SharePoint


A remote, unauthenticated attacker may be able to execute arbitrary code or cause a denial-of-service condition.


UpdateMicrosoft has released an update to address this issue. See Microsoft Security Bulletin MS07-010 for more details.

Vendor Information

Affected   Unknown   Unaffected

Microsoft Corporation

Updated:  February 20, 2007



Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.


Refer to Microsoft Security Bulletin MS07-010.

If you have feedback, comments, or additional information about this vulnerability, please send us email.

CVSS Metrics

Group Score Vector
Base N/A N/A
Temporal N/A N/A
Environmental N/A



This vulnerability was reported in Microsoft Security Bulletin ms07-10 . Microsoft credits Neel Mehta and Alex Wheeler of ISS X-Force for reporting this issue.

This document was written by Chris Taschner.

Other Information

CVE IDs: CVE-2006-5270
Severity Metric: 25.65
Date Public: 2007-02-13
Date First Published: 2007-02-20
Date Last Updated: 2007-02-23 13:53 UTC
Document Revision: 12

Sponsored by the Department of Homeland Security Office of Cybersecurity and Communications.