Lucene search

[email protected]CVE-2007-0352

HistoryJan 19, 2007 - 1:28 a.m.

CVE-2007-0352

2007-01-1901:28:00

[email protected]

web.nvd.nist.gov

cve-2007-0352

microsoft

help workshop

buffer overflow

remote code execution

nvd

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.7 High

AI Score

Confidence

High

0.88 High

EPSS

Percentile

98.7%

JSON

Stack-based buffer overflow in Microsoft Help Workshop 4.03.0002 allows user-assisted remote attackers to execute arbitrary code via a crafted .cnt file composed of lines that begin with an integer followed by a space and a long string.

Affected configurations

NVD

Node

microsofthtml_help_workshopMatch4.02.0002

CPENameOperatorVersion
microsoft:html_help_workshopmicrosoft html help workshopeq4.02.0002

CPE	Name	Operator	Version
microsoft:html_help_workshop	microsoft html help workshop	eq	4.02.0002

References

osvdb.org/31898

secunia.com/advisories/23862

securityreason.com/securityalert/2156

securitytracker.com/id?1017530

www.anspi.pl/~porkythepig/visualization/cnt-expl1.cpp

www.securityfocus.com/archive/1/457210/100/0/threaded

www.securityfocus.com/bid/22100

exchange.xforce.ibmcloud.com/vulnerabilities/31555

www.exploit-db.com/exploits/3149

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.7 High

AI Score

Confidence

High

0.88 High

EPSS

Percentile

98.7%

JSON

Related for CVE-2007-0352

saint4 cvelist1 nvd1 prion1 checkpoint_advisories1 securityvulns1