[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

250108

 
 

909

 
 

196064

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2007-0938Date: (C)2007-04-10   (M)2023-12-22


Microsoft Content Management Server (MCMS) 2001 SP1 and 2002 SP2 does not properly handle certain characters in a crafted HTTP GET request, which allows remote attackers to execute arbitrary code, aka the "CMS Memory Corruption Vulnerability."

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 10.0
Exploit Score: 10.0
Impact Score: 10.0
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality: COMPLETE
Integrity: COMPLETE
Availability: COMPLETE
  
Reference:
SECTRACK-1017894
BID-22861
SECUNIA-24819
OSVDB-34006
ADV-2007-1322
HPSBST02208
MS07-018
VU#434137
mcms-http-get-code-execution(32736)
oval:org.mitre.oval:def:2001

CPE    2
cpe:/a:microsoft:content_management_server:2001:sp1
cpe:/a:microsoft:content_management_server:2002:sp2
OVAL    1
oval:org.mitre.oval:def:2001

© SecPod Technologies