PRIOn knowledge basePRION:CVE-2007-0940

HistoryMay 08, 2007 - 11:19 p.m.

Design/Logic Flaw

2007-05-0823:19:00

PRIOn knowledge base

www.prio-n.com

8.1 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.934 High

EPSS

Percentile

99.0%

JSON

Unspecified vulnerability in the Cryptographic API Component Object Model Certificates ActiveX control (CAPICOM.dll) in Microsoft CAPICOM and BizTalk Server 2004 SP1 and SP2 allows remote attackers to execute arbitrary code via unspecified vectors, aka the “CAPICOM.Certificates Vulnerability.”

CPENameOperatorVersion
biztalk_servereq2004 sp1
biztalk_servereq2004 sp2

CPE	Name	Operator	Version
	biztalk_server	eq	2004 sp1
	biztalk_server	eq	2004 sp2

References

secunia.com/advisories/25185

www.kb.cert.org/vuls/id/866305

www.osvdb.org/34397

www.securityfocus.com/archive/1/468871/100/200/threaded

www.securityfocus.com/bid/23782

www.securitytracker.com/id?1018016

www.securitytracker.com/id?1018017

www.us-cert.gov/cas/techalerts/TA07-128A.html

www.vupen.com/english/advisories/2007/1713

docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-028

exchange.xforce.ibmcloud.com/vulnerabilities/32739

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1670

8.1 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.934 High

EPSS

Percentile

99.0%

JSON

Related for PRION:CVE-2007-0940