Lucene search

[email protected]CVE-2007-1512

HistoryMar 20, 2007 - 10:19 a.m.

CVE-2007-1512

2007-03-2010:19:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2007-1512

buffer overflow

mfc

microsoft windows

remote attack

rtf file

vulnerability

7.2 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.01 Low

EPSS

Percentile

83.9%

JSON

Stack-based buffer overflow in the AfxOleSetEditMenu function in the MFC component in Microsoft Windows 2000 SP4, XP SP2, and Server 2003 Gold and SP1, and Visual Studio .NET 2002 Gold and SP1, and 2003 Gold and SP1 allows user-assisted remote attackers to have an unknown impact (probably crash) via an RTF file with a malformed OLE object, which results in writing two 0x00 characters past the end of szBuffer, aka the “MFC42u.dll Off-by-Two Overflow.” NOTE: this issue is due to an incomplete patch (MS07-012) for CVE-2007-0025.

CPENameOperatorVersion
microsoft:visual_studio_.netmicrosoft visual studio .neteq2002
microsoft:visual_studio_.netmicrosoft visual studio .neteq2003

CPE	Name	Operator	Version
microsoft:visual_studio_.net	microsoft visual studio .net	eq	2002
microsoft:visual_studio_.net	microsoft visual studio .net	eq	2003

References

www.securityfocus.com/archive/1/463009/100/0/threaded

7.2 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.01 Low

EPSS

Percentile

83.9%

JSON

Related for CVE-2007-1512

securityvulns2 prion2 cert1 nessus1 cve1 checkpoint_advisories1