Unrated severityNVD Advisory· Published Apr 10, 2007· Updated Apr 23, 2026

CVE-2007-1204

Description

Stack-based buffer overflow in the Universal Plug and Play (UPnP) service in Microsoft Windows XP SP2 allows remote attackers on the same subnet to execute arbitrary code via crafted HTTP headers in request or notification messages, which trigger memory corruption.

Affected products

Microsoft/Windows Xp
cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

secunia.com/advisories/24822nvdVendor Advisory
www.vupen.com/english/advisories/2007/1323nvdVendor Advisory
labs.idefense.com/intelligence/vulnerabilities/display.phpnvd
www.osvdb.org/34010nvd
www.securityfocus.com/archive/1/466331/100/200/threadednvd
www.securityfocus.com/bid/23371nvd
www.securitytracker.com/idnvd
docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-019nvd
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2049nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.005
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000