CVE-2007-2223
новости
/
статьи
/
форум
/
программы
/
реклама
/
поиск
/
эксплоиты
[RU]
switch to
English
Version
CVE
CVE-2007-2223
Статус
UNKNOWN
Описание
Microsoft XML Core Services (MSXML) 3.0 through 6.0 allows remote attackers to execute arbitrary code via the substringData method on a (1) TextNode or (2) XMLDOM object, which causes an integer overflow that leads to a buffer overflow.
Важность
High
CVSS score
9,3
CVSS vector
(AV:N/AC:M/Au:N/C:C/I:C/A:C)
Phase
ASSIGNED (12.04.2011)
NVD:
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-2223
References
BID :
25301
BUGTRAQ :
20070814 ZDI-07-048: Microsoft Internet Explorer substringData() Heap Overflow Vulnerability
BUGTRAQ :
20070816 MS07-042 XMLDOM substringData() PoC
CERT-VN :
VU#361968
IDEFENSE :
20070814 Microsoft XML Core Services XMLDOM Memory Corruption Vulnerability
MISC :
http://www.zerodayinitiative.com/advisories/ZDI-07...
MS :
MS07-042
OVAL :
oval:org.mitre.oval:def:2069
SECTRACK :
1018559
SECUNIA :
26447
VUPEN :
ADV-2007-2866
SecurityVulns:
Повреждение памяти в XML-службах Windows (memory corruption)
О сайте
|
Условия использования
©
SecurityVulns
,
3APA3A
, Владимир Дубровин
Нижний Новгород
Enter your search terms
Web
securityvulns.ru
Submit search form
test server
