Unrated severityNVD Advisory· Published Mar 24, 2007· Updated Apr 23, 2026

CVE-2007-1644

Description

The dynamic DNS update mechanism in the DNS Server service on Microsoft Windows does not properly authenticate clients in certain deployments or configurations, which allows remote attackers to change DNS records for a web proxy server and conduct man-in-the-middle (MITM) attacks on web traffic, conduct pharming attacks by poisoning DNS records, and cause a denial of service (erroneous name resolution).

Affected products

Microsoft/All Windows
cpe:2.3:o:microsoft:all_windows:abstract_cpe:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

osvdb.org/43603nvd
exchange.xforce.ibmcloud.com/vulnerabilities/33473nvd
www.exploit-db.com/exploits/3544nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.025
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000