| CVE Number | Vulnerability | Product | Severity | Date |
|---|---|---|---|---|
| MS07-010 | Vulnerability in Microsoft Malware Protection Engine Could Allow Remote Code Execution (932135) | Windows Live | Critical | 14-02-2007 |
Technical Information
Brief overview of the risk:
A remote code execution vulnerability exists in the Microsoft Malware Protection Engine because of the way that it parses Portable Document Format (PDF) files. An attacker could exploit the vulnerability by constructing a specially crafted PDF File that could potentially allow remote code execution when the target computer system receives, and the Microsoft Malware Protection Engine scans, the PDF file.
Detailed Information on the risk:
This bulletin covers a code execution vulnerability in Microsoft’s core Anti-Virus engine. Products affected include OneCare, Antigen, Forefront Security, and Windows Defender, including Windows Defender for Vista.Further information on this exploit is available at : MS07-010
Affected Software
Windows Live OneCareMicrosoft Antigen for Exchange 9.x
Microsoft Antigen for SMTP Gateway 9.x
Microsoft Windows Defender
Microsoft Windows Defender x64 Edition
Microsoft Windows Defender in Windows Vista
Microsoft Forefront Security for Exchange Server
Microsoft Forefront Security for SharePoint