PRIOn knowledge basePRION:CVE-2007-0034

HistoryJan 09, 2007 - 11:28 p.m.

Buffer overflow

2007-01-0923:28:00

PRIOn knowledge base

www.prio-n.com

8 High

AI Score

Confidence

High

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.942 High

EPSS

Percentile

99.1%

JSON

Buffer overflow in the Advanced Search (Finder.exe) feature of Microsoft Outlook 2000, 2002, and 2003 allows user-assisted remote attackers to execute arbitrary code via a crafted Outlook Saved Searches (OSS) file that triggers memory corruption, aka “Microsoft Outlook Advanced Find Vulnerability.”

CPENameOperatorVersion
officeeq2000 sp3
officeeqxp sp3
officeeq2003 sp2
outlookeq2000
outlookeq2002
outlookeq2003

Name	Operator	Version
office	eq	2000 sp3
office	eq	xp sp3
office	eq	2003 sp2
outlook	eq	2000
outlook	eq	2002
outlook	eq	2003

References

secunia.com/advisories/23674

securitytracker.com/id?1017488

www.computerterrorism.com/research/ct09-01-2007.htm

www.kb.cert.org/vuls/id/271860

www.osvdb.org/31254

www.securityfocus.com/archive/1/456589/100/0/threaded

www.securityfocus.com/archive/1/457274/100/0/threaded

www.securityfocus.com/bid/21936

www.us-cert.gov/cas/techalerts/TA07-009A.html

www.vupen.com/english/advisories/2007/0104

docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-003

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A153

8 High

AI Score

Confidence

High

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.942 High

EPSS

Percentile

99.1%

JSON

Related for PRION:CVE-2007-0034