Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2007-0217
HistoryFeb 13, 2007 - 10:28 p.m.

CVE-2007-0217

2007-02-1322:28:00
[email protected]
web.nvd.nist.gov
3

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

7.3

Confidence

Low

EPSS

0.964

Percentile

99.6%

JSON

The wininet.dll FTP client code in Microsoft Internet Explorer 5.01 and 6 might allow remote attackers to execute arbitrary code via an FTP server response of a specific length that causes a terminating null byte to be written outside of a buffer, which causes heap corruption.

Affected configurations

NVD
Node
microsoftwindows_2000sp4
AND
microsoftinternet_explorerMatch5.01sp4
Node
microsoftwindows_2000sp4
AND
microsoftieMatch6.0sp1
Node
microsoftwindows_2003_serverMatchgold
OR
microsoftwindows_2003_serverMatchgolditanium
OR
microsoftwindows_2003_serverMatchgoldx64
OR
microsoftwindows_2003_serverMatchsp1
OR
microsoftwindows_2003_serverMatchsp1itanium
OR
microsoftwindows_xpsp2
OR
microsoftwindows_xpsp2professional_x64
AND
microsoftinternet_explorerMatch6.0

Related

prion 2
cert 1
checkpoint_advisories 2
cvelist 2
securityvulns 3
cve 2
nvd 1
openvas 2
nessus 1
prion
prion
Buffer overflow
2007-02-13 22:28:00
Code injection
2007-06-21 23:30:00
cert
cert
Microsoft Internet Explorer fails to properly interpret certain responses from FTP servers
2007-02-20 00:00:00
checkpoint_advisories
checkpoint_advisories
Internet Explorer FTP Response Parsing Memory Corruption (MS07-016; CVE-2007-0217)
2009-12-13 00:00:00
Update Protection against Microsoft Internet Explorer FTP Responses Remote Code Execution Vulnerability (MS07-016)
2007-03-14 00:00:00
cvelist
cvelist
CVE-2007-0217
2007-02-13 22:00:00
CVE-2007-3341
2007-06-21 23:00:00
securityvulns
securityvulns
[Full-disclosure] iDefense Security Advisory 02.13.07: Microsoft 'wininet.dll' FTP Reply Null Termination Heap Corruption Vulnerability
2007-02-14 00:00:00
Microsoft Security Bulletin MS07-016 Cumulative Security Update for Internet Explorer (928090)
2007-02-14 00:00:00
Microsoft Internet Explorer multiple security vulnerabilities
2007-02-14 00:00:00
cve
cve
CVE-2007-0217
2007-02-13 22:28:00
CVE-2007-3341
2007-06-21 23:30:00
nvd
nvd
CVE-2007-3341
2007-06-21 23:30:00
openvas
openvas
Cumulative Security Update for Internet Explorer (928090)
2010-07-08 00:00:00
Cumulative Security Update for Internet Explorer (928090)
2010-07-08 00:00:00
nessus
nessus
MS07-016: Cumulative Security Update for Internet Explorer (928090)
2007-02-13 00:00:00

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

7.3

Confidence

Low

EPSS

0.964

Percentile

99.6%

JSON
Related for NVD:CVE-2007-0217
prion2cert1checkpoint_advisories2cvelist2securityvulns3cve2nvd1openvas2nessus1