Advisories » Windows Vista ATI Radeon Kernel Mode Driver Local Denial of Service Vulnerability
| Release Date: | 30/03/2007 | Severity: | Not Critical  |
| SecWatch Advisory: | SWID1017421 | Cause: | Not specified |
| Solution Status: | Unpatched | Impact: | Denial of service |
| Exploit Status: | None Available | Access Vector: | From local network |
| Affected OS's: | Microsoft Windows Vista | ||
| Original Advisory: | http://leovilletownsquare.com/fusionbb/showtopic.php?fid/27/tid/17600/ |
||
| References: | http://archives.neohapsis.com/archives/vulnwatch/2007-q1/0077.html |
||
| CVE: | CVE-2007-1763 | ||
| Secunia: | SA24667 | ||
Description:
A vulnerability in Windows Vistahas been reported, which can be exploited by local users to trigger denial of service conditions.
The issue is caused due to an unspecified error within the ATI Radeon Kernel Mode Driver (atikmdag.sys) in certain system configurations. This can be exploited to crash the system by e.g. enabling the slideshow feature on certain directories, or loading or quitting certain games.
Solution:
There was no vendor-supplied solution at the time of entry.
Do not use the slideshow feature.
Use a different driver.
Credits:
Originally reported in a forum by slrranma.
Additional research done by Micha Majchrowicz and Olo.
Free Vulnerability Notification Service
Receive free instant and customisable notifications of new vulnerabilities or exploits via e-mail, web or RSS feeds. Click here for more information.
Related Vulnerabilities and Exploits
07 Jun 07: Microsoft Windows Animated Cursor Handling Re.. (win32-loadaniicon.py)
08 Apr 07: Microsoft Windows Animated Cursor Handling Local .. (GDI-MS07-017.cpp)
03 Apr 07: Microsoft Windows Animated Cursor Handling.. (Microsoft_ANI_DEP_exp.c)
01 Apr 07: Microsoft Windows Animated Cursor Handling Rem.. (Microsoft_ANI_exp.c)
30 Mar 07: Microsoft Windows Animated Cursor Handling Remote Code Execution ..