CVE-2007-1537

DeviceNdisTapi (NDISTAPI.sys) in Microsoft Windows XP SP2 and 2003 SP1 uses weak permissions, which allows local users to write to the device and cause a denial of service, as demonstrated by using an IRQL to acquire a spinlock on paged memory via the NdisTapiDispatch function.

Date published : 2007-03-20

http://www.securityfocus.com/bid/23025

http://www.securityfocus.com/archive/1/463208/100/0/threaded