CVE-2007-2218

Name of the Vulnerable Software and Affected Versions Windows Schannel Security Package versions prior to the fixed version

Description The issue allows remote servers to execute arbitrary code or cause a denial of service via crafted digital signatures that are processed during an SSL handshake. A remote code execution vulnerability exists in the way that Windows Schannel on a client machine validates server-sent digital signatures. An attacker could host a specially crafted Web site that is designed to exploit these vulnerabilities through an Internet Web browser and then convince a user to view the Web site.

Recommendations For Windows 2000 SP4, XP SP2, and Server 2003 SP1 and SP2, at the moment, there is no information about a newer version that contains a fix for this vulnerability.