>> Microsoft Windows Mobile Internet Explorer and Pictures and Videos Denial of Service
Title : Microsoft Windows Mobile Internet Explorer and Pictures and Videos Denial of Service VUPEN ID : VUPEN/ADV-2007-0434 CVE ID : CVE-2007-0674 - CVE-2007-0685
Rated as : Low Risk
Remotely Exploitable : Yes Locally Exploitable : Yes Release Date : 2007-01-31
Technical Description
Two vulnerabilities have been identified in Windows Mobile, which could be exploited by attackers to cause a denial of service.
The first issue is due to an error in Internet Explorer when handling malformed data, which could be exploited by attackers to crash a vulnerable browser by tricking a user into visiting a specially crafted web page.
The second issue is due to an error in the Pictures and Videos application that fails to properly handle malformed JPEG images, which could be exploited by attackers to cause a vulnerable device to hang, creating a denial of service condition.
