Lucene search

[email protected]CVE-2007-3897

HistoryOct 09, 2007 - 10:17 p.m.

CVE-2007-3897

2007-10-0922:17:00

CWE-119

[email protected]

web.nvd.nist.gov

cve-2007-3897

buffer overflow

microsoft outlook express

windows mail

nntp

remote code execution

7.8 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.958 High

EPSS

Percentile

99.4%

JSON

Heap-based buffer overflow in Microsoft Outlook Express 6 and earlier, and Windows Mail for Vista, allows remote Network News Transfer Protocol (NNTP) servers to execute arbitrary code via long NNTP responses that trigger memory corruption.

CPENameOperatorVersion
microsoft:outlook_expressmicrosoft outlook expresseq6.0
microsoft:windows_mailmicrosoft windows maileq-

CPE	Name	Operator	Version
microsoft:outlook_express	microsoft outlook express	eq	6.0
microsoft:windows_mail	microsoft windows mail	eq	-

References

labs.idefense.com/intelligence/vulnerabilities/display.php?id=607

secunia.com/advisories/27112

securitytracker.com/id?1018785

securitytracker.com/id?1018786

www.securityfocus.com/archive/1/481983/100/100/threaded

www.securityfocus.com/archive/1/482366/100/0/threaded

www.securityfocus.com/bid/25908

www.us-cert.gov/cas/techalerts/TA07-282A.html

www.vupen.com/english/advisories/2007/3436

docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-056

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1706

7.8 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.958 High

EPSS

Percentile

99.4%

JSON

Related for CVE-2007-3897

securityvulns3 checkpoint_advisories2 nessus1 seebug1 prion1 openvas2