CVE-2007-3681
CVE-2007-3681 is a medium-severity vulnerability in Winpcap with a CVSS 2.0 base score of 6.6. It is not currently listed as actively exploited by CISA, and its EPSS exploit-prediction score is low.
Key facts
- Severity: Medium (CVSS 2.0 base score 6.6)
- EPSS exploit prediction: 2% (82nd percentile)
- Actively exploited: Not listed in CISA KEV
- Affected product: Winpcap
- Published:
- Last modified:
Description
The IOCTL 9031 (BIOCGSTATS) handler in the NPF.SYS device driver in WinPcap before 4.0.1 allows local users to overwrite memory and execute arbitrary code via malformed Interrupt Request Packet (Irp) parameters.
Frequently asked questions
- What is CVE-2007-3681?
- The IOCTL 9031 (BIOCGSTATS) handler in the NPF.SYS device driver in WinPcap before 4.0.1 allows local users to overwrite memory and execute arbitrary code via malformed Interrupt Request Packet (Irp) parameters.
- How severe is CVE-2007-3681?
- CVE-2007-3681 has a CVSS 2.0 base score of 6.6, rated medium severity.
- Is CVE-2007-3681 being actively exploited?
- It is not currently listed in CISA's KEV catalog. Its EPSS exploit-prediction score is 2% (82nd percentile), an estimate of the probability of exploitation in the next 30 days.
- What products are affected by CVE-2007-3681?
- CVE-2007-3681 primarily affects Winpcap. In total, 2 product configurations (CPEs) are listed as vulnerable; see the affected-products list for the exact versions.
- How do I fix CVE-2007-3681?
- Review the linked vendor and NVD advisories for patched versions and mitigations, then upgrade or apply the recommended workaround.
- When was CVE-2007-3681 published?
- CVE-2007-3681 was published on 2007-07-11 and last updated on 2026-06-16.
References
- http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=550
- http://osvdb.org/37889
- http://secunia.com/advisories/25982
- http://securitytracker.com/id?1018350
- http://www.securityfocus.com/archive/1/473270/100/0/threaded
- http://www.securityfocus.com/archive/1/473297/100/0/threaded
- http://www.securityfocus.com/archive/1/473301/100/0/threaded
- http://www.securityfocus.com/bid/24829
- http://www.vupen.com/english/advisories/2007/2468
- http://www.winpcap.org/misc/changelog.htm
- https://exchange.xforce.ibmcloud.com/vulnerabilities/35309
- https://www.exploit-db.com/exploits/4165
Affected products (2)
- cpe:2.3:a:winpcap:winpcap:3.1:*:*:*:*:*:*:*
- cpe:2.3:a:winpcap:winpcap:4.0:*:*:*:*:*:*:*
More vulnerabilities in Winpcap
- CVE-2007-5756 — Medium (CVSS 6.9): Multiple array index errors in the bpf_filter_init function in NPF.SYS in WinPcap before 4.0.2, when run in monitor…