Lucene search
SAINT CorporationSAINT:34D39E13495D4380D8089D440BE3BB1DHistorySep 11, 2007 - 12:00 a.m.
Microsoft Agent crafted URL vulnerability
2007-09-1100:00:00
SAINT Corporation
www.saintcorporation.com
9
0.758 High
EPSS
Percentile
97.9%
Added: 09/11/2007
CVE: CVE-2007-3040
BID: 25566
OSVDB: 36934
Background
Microsoft Agent is a component of the Windows operating system designed to make using a computer easier through enriched user interaction.
Problem
A vulnerability in Microsoft Agent allows command execution when a user loads a web page which calls the Microsoft Agent ActiveX control with a specially crafted URL.
Resolution
Apply the patch referenced in Microsoft Security Bulletin 07-051.
References
<http://www.microsoft.com/technet/security/bulletin/ms07-051.mspx>
Limitations
Exploit works on Windows 2000 SP4 and requires a user to load the exploit page in Internet Explorer.
Platforms
Windows 2000
Related
seebug
seebug
Microsoft Agent agentdpv.dll ActiveX控件畸形URL栈溢出漏洞(MS07-051)
2007-09-12 00:00:00
saint
saint
Microsoft Agent crafted URL vulnerability
2007-09-11 00:00:00
Microsoft Agent crafted URL vulnerability
2007-09-11 00:00:00
Microsoft Agent crafted URL vulnerability
2007-09-11 00:00:00
securityvulns
securityvulns
canvas
canvas
Immunity Canvas: MS07_051
2007-09-12 01:17:00
checkpoint_advisories
checkpoint_advisories
nessus
nessus
cert
cert
Microsoft Agent fails to properly handle specially crafted URLs
2007-09-11 00:00:00
prion
prion
Stack overflow
2007-09-12 01:17:00
cve
cve
CVE-2007-3040
2007-09-12 01:17:00