[email protected]CVE-2007-0065

HistoryFeb 12, 2008 - 11:00 p.m.

CVE-2007-0065

2008-02-1223:00:00

CWE-94

[email protected]

web.nvd.nist.gov

cve-2007-0065

buffer overflow

ole automation

microsoft windows

office

remote code execution

7.9 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.6 Medium

EPSS

Percentile

97.8%

JSON

Heap-based buffer overflow in Object Linking and Embedding (OLE) Automation in Microsoft Windows 2000 SP4, XP SP2, Server 2003 SP1 and SP2, Vista, Office 2004 for Mac, and Visual basic 6.0 SP6 allows remote attackers to execute arbitrary code via a crafted script request.

CPENameOperatorVersion
microsoft:officemicrosoft officeeq*
microsoft:visual_basicmicrosoft visual basiceq6.0

CPE	Name	Operator	Version
microsoft:office	microsoft office	eq	*
microsoft:visual_basic	microsoft visual basic	eq	6.0

References

marc.info/?l=bugtraq&m=120361015026386&w=2

secunia.com/advisories/28902

www.securityfocus.com/bid/27661

www.securitytracker.com/id?1019373

www.us-cert.gov/cas/techalerts/TA08-043C.html

www.vupen.com/english/advisories/2008/0510/references

docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-008

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5388

7.9 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.6 Medium

EPSS

Percentile

97.8%

JSON

Related for CVE-2007-0065

checkpoint_advisories1 openvas2 prion1 securityvulns2 seebug1 nessus2