[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

250038

 
 

909

 
 

195843

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2007-0515Date: (C)2007-01-25   (M)2023-12-22


Unspecified vulnerability in Microsoft Word allows user-assisted remote attackers to execute arbitrary code on Word 2000, and cause a denial of service on Word 2003, via unknown attack vectors that trigger memory corruption, as exploited by Trojan.Mdropper.W and later by Trojan.Mdropper.X, a different issue than CVE-2006-6456, CVE-2006-5994, and CVE-2006-6561.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 9.3
Exploit Score: 8.6
Impact Score: 10.0
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality: COMPLETE
Integrity: COMPLETE
Availability: COMPLETE
  
Reference:
SECTRACK-1017564
BID-22225
BID-22328
SECUNIA-23950
OSVDB-31900
ADV-2007-0350
MS07-014
TA07-044A
VU#412225
http://isc.sans.org/diary.html?storyid=2133
http://www.microsoft.com/technet/security/advisory/932114.mspx
http://www.symantec.com/enterprise/security_response/weblog/2007/01/multiple_organizations_targett.html
http://www.symantec.com/enterprise/security_response/weblog/2007/01/new_microsoft_word_2000_vulner.html
http://www.symantec.com/enterprise/security_response/writeup.jsp?docid=2007-013010-5422-99&tabid=2
oval:org.mitre.oval:def:528
word-document-code-execution(31834)

CPE    11
cpe:/a:microsoft:office:2000:sp3
cpe:/a:microsoft:office:xp:sp3
cpe:/a:microsoft:office:2003:sp2
cpe:/a:microsoft:works:2006
...
OVAL    1
oval:org.mitre.oval:def:528

© SecPod Technologies