Lucene search

[email protected]NVD:CVE-2007-2496

HistoryMay 04, 2007 - 12:19 a.m.

CVE-2007-2496

2007-05-0400:19:00

[email protected]

web.nvd.nist.gov

CVSS2

7.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

AI Score

6.6

Confidence

High

EPSS

0.122

Percentile

95.4%

JSON

The WordOCX ActiveX control in WordViewer.ocx 3.2.0.5 allows remote attackers to cause a denial of service (Internet Explorer 7 crash) via a long (1) DoOleCommand, (2) FTPDownloadFile, (3) FTPUploadFile, (4) HttpUploadFile, (5) GotoPage, (6) Save, (7) SaveWebFile, (8) HttpDownloadFile, (9) Open, (10) OpenWebFile, (11) SaveAs, or (12) ShowWordStandardDialog property value.

Affected configurations

Nvd

Node

office_ocxword_viewer_ocxMatch3.2.0.5

VendorProductVersionCPE
office_ocxword_viewer_ocx3.2.0.5cpe:2.3:a:office_ocx:word_viewer_ocx:3.2.0.5:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
office_ocx	word_viewer_ocx	3.2.0.5	cpe:2.3:a:office_ocx:word_viewer_ocx:3.2.0.5:::::::*

References

moaxb.blogspot.com/2007/05/moaxb-03-wordviewerocx-32-multiple_03.html

osvdb.org/34334

secunia.com/advisories/25100

www.securityfocus.com/bid/23784

www.vupen.com/english/advisories/2007/1634

exchange.xforce.ibmcloud.com/vulnerabilities/34027

CVSS2

7.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

AI Score

6.6

Confidence

High

EPSS

0.122

Percentile

95.4%

JSON

Related for NVD:CVE-2007-2496

prion1 exploitdb1 cvelist1 cve1 securityvulns1