CVSS: 9.3EPSS: 90%CPEs: 26EXPL: 1CVE-2007-2223 – Microsoft Internet Explorer substringData Heap Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2007-2223
Microsoft XML Core Services (MSXML) 3.0 through 6.0 allows remote attackers to execute arbitrary code via the substringData method on a (1) TextNode or (2) XMLDOM object, which causes an integer overflow that leads to a buffer overflow. Microsoft XML Core Services (MSXML) versión 3.0 hasta 6.0 permite a los atacantes remotos ejecutar código arbitrario por medio del método substringData en un objeto (1) TextNode o (2) XMLDOM, lo que provoca un desbordamiento de enteros que conduce a un desbordamiento de búfer. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of various Microsoft software User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists in the substringData() method available on the TextNode JavaScript object. When specific parameters are passed to the method, an integer overflow occurs causing incorrect memory allocation. If this event occurs after a different ActiveX object has been instantiated, an exploitable condition is created when the ActiveX object is deallocated which can result in the execution of arbitrary code. • https://www.exploit-db.com/exploits/30493 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=576 http://secunia.com/advisories/26447 http://www.kb.cert.org/vuls/id/361968 http://www.securityfocus.com/archive/1/476527/100/0/threaded http://www.securityfocus.com/archive/1/476747/100/0/threaded http://www.securityfocus.com/bid/25301 http://www.securitytracker.com/id?1018559 http://www.vupen.com/english/advisories/2007/2866 http://www.zerodayinitiative.com/ • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 23%CPEs: 4EXPL: 0CVE-2007-0039
https://notcve.org/view.php?id=CVE-2007-0039
The Exchange Collaboration Data Objects (EXCDO) functionality in Microsoft Exchange Server 2000 SP3, 2003 SP1 and SP2, and 2007 allows remote attackers to cause a denial of service (crash) via an Internet Calendar (iCal) file containing multiple X-MICROSOFT-CDO-MODPROPS (MODPROPS) properties in which the second MODPROPS is longer than the first, which triggers a NULL pointer dereference and an unhandled exception. La funcionalidad Exchange Collaboration Data Objects (EXCDO) en Microsoft Exchange Server 2000 SP3, 2003 SP1 y SP2 y 2007, permite a atacantes remotos causar una denegación de servicio (bloqueo) por medio de un archivo Internet Calendar (iCal) que contiene varios propiedades X-MICROSOFT-CDO-MODPROPS (MODPROPS) en las que el segundo MODPROPS es más largo que el primero, lo que desencadena una desreferencia del puntero NULL y una excepción no manejada. • http://lists.grok.org.uk/pipermail/full-disclosure/2007-May/063232.html http://secunia.com/advisories/25183 http://www.determina.com/security.research/vulnerabilities/exchange-ical-modprops.html http://www.osvdb.org/34390 http://www.securityfocus.com/archive/1/468047/100/0/threaded http://www.securityfocus.com/archive/1/468871/100/200/threaded http://www.securityfocus.com/bid/23808 http://www.securitytracker.com/id?1018015 http://www.us-cert.gov/cas/techalerts/TA07-128A.html ht • CWE-476: NULL Pointer Dereference •
CVSS: 6.8EPSS: 67%CPEs: 3EXPL: 0CVE-2007-0220
https://notcve.org/view.php?id=CVE-2007-0220
Cross-site scripting (XSS) vulnerability in Outlook Web Access (OWA) in Microsoft Exchange Server 2000 SP3, and 2003 SP1 and SP2 allows remote attackers to execute arbitrary scripts, spoof content, or obtain sensitive information via certain UTF-encoded, script-based e-mail attachments, involving an "incorrectly handled UTF character set label". Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en Outlook Web Access (OWA) de Microsoft Exchange Server 2000 SP3, y 2003 SP1 y SP2 permite a atacantes remotos ejecutar secuencias de comandos de su elección, falsificar contenido u obtener información sensible mediante ciertas codificaciones UTF, anexos de correo electrónico basados en secuencias de comandos, implicando una "etiqueta de conjunto de caracteres UTF manejada incorrectamente". • http://secunia.com/advisories/25183 http://www.kb.cert.org/vuls/id/124113 http://www.osvdb.org/34389 http://www.securityfocus.com/archive/1/468871/100/200/threaded http://www.securityfocus.com/bid/23806 http://www.securitytracker.com/id?1018015 http://www.us-cert.gov/cas/techalerts/TA07-128A.html http://www.vupen.com/english/advisories/2007/1711 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-026 https://exchange.xforce.ibmcloud.com/vulne • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 10.0EPSS: 96%CPEs: 4EXPL: 1CVE-2007-0213 – Microsoft Exchange 2003 - base64-MIME Remote Code Execution
https://notcve.org/view.php?id=CVE-2007-0213
Microsoft Exchange Server 2000 SP3, 2003 SP1 and SP2, and 2007 does not properly decode certain MIME encoded e-mails, which allows remote attackers to execute arbitrary code via a crafted base64-encoded MIME e-mail message. Microsoft Exchange Server 2000 SP3, 2003 SP1 y SP2, y 2007 no decodifica apropiadamente correos electrónicos concretos con codificación MIME, lo cual permite a atacantes remotos ejecutar código de su elección mediante un mensaje de correo electrónico manipulado con codificación base64 MIME. • https://www.exploit-db.com/exploits/47076 http://packetstormsecurity.com/files/153533/Microsoft-Exchange-2003-base64-MIME-Remote-Code-Execution.html http://secunia.com/advisories/25183 http://www.kb.cert.org/vuls/id/343145 http://www.osvdb.org/34391 http://www.securityfocus.com/archive/1/468871/100/200/threaded http://www.securityfocus.com/bid/23809 http://www.securitytracker.com/id?1018015 http://www.us-cert.gov/cas/techalerts/TA07-128A.html http://www.vupen.com/english& • CWE-20: Improper Input Validation •
CVSS: 10.0EPSS: 2%CPEs: 8EXPL: 0CVE-2007-1512
https://notcve.org/view.php?id=CVE-2007-1512
Stack-based buffer overflow in the AfxOleSetEditMenu function in the MFC component in Microsoft Windows 2000 SP4, XP SP2, and Server 2003 Gold and SP1, and Visual Studio .NET 2002 Gold and SP1, and 2003 Gold and SP1 allows user-assisted remote attackers to have an unknown impact (probably crash) via an RTF file with a malformed OLE object, which results in writing two 0x00 characters past the end of szBuffer, aka the "MFC42u.dll Off-by-Two Overflow." NOTE: this issue is due to an incomplete patch (MS07-012) for CVE-2007-0025. Desbordamiento de búfer basado en pila en la función AfxOleSetEditMenu en el componente MFC de Microsoft Windows 2000 SP4, XP SP2, y Server 2003 Gold y SP1, y Visual Studio .NET 2002 Gold y SP1, y 2003 Gold y SP1 permite a atacantes remotos con la complicidad del usuario tener un impacto desconocido (posiblemente caída) mediante un fichero RTF con un objeto OLE mal formado, lo cual resulta en la escritura de 2 caracteres 0x00 pasado el final de szBuffer, también conocido como "MFC42u.dll Off-by-Two Overflow". NOTA: este asunto es debido a un parche incompleto (MS07-012) para CVE-2007-0025. • http://www.securityfocus.com/archive/1/463009/100/0/threaded •