Vulnerability Details CVE-2007-0940
Unspecified vulnerability in the Cryptographic API Component Object Model Certificates ActiveX control (CAPICOM.dll) in Microsoft CAPICOM and BizTalk Server 2004 SP1 and SP2 allows remote attackers to execute arbitrary code via unspecified vectors, aka the "CAPICOM.Certificates Vulnerability."
Exploit prediction scoring system (EPSS) score
EPSS Score 0.749
EPSS Ranking 98.8%
CVSS Severity
CVSS v2 Score 9.3
References
- http://secunia.com/advisories/25185
- http://www.kb.cert.org/vuls/id/866305
- http://www.osvdb.org/34397
- http://www.securityfocus.com/archive/1/468871/100/200/threaded
- http://www.securityfocus.com/archive/1/468871/100/200/threaded
- http://www.securityfocus.com/bid/23782
- http://www.securitytracker.com/id?1018016
- http://www.securitytracker.com/id?1018017
- http://www.us-cert.gov/cas/techalerts/TA07-128A.html
- http://www.vupen.com/english/advisories/2007/1713
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-028
- https://exchange.xforce.ibmcloud.com/vulnerabilities/32739
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1670
- http://secunia.com/advisories/25185
- http://www.kb.cert.org/vuls/id/866305
- http://www.osvdb.org/34397
- http://www.securityfocus.com/archive/1/468871/100/200/threaded
- http://www.securityfocus.com/archive/1/468871/100/200/threaded
- http://www.securityfocus.com/bid/23782
- http://www.securitytracker.com/id?1018016
- http://www.securitytracker.com/id?1018017
- http://www.us-cert.gov/cas/techalerts/TA07-128A.html
- http://www.vupen.com/english/advisories/2007/1713
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-028
- https://exchange.xforce.ibmcloud.com/vulnerabilities/32739
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1670
Products affected by CVE-2007-0940
-
cpe:2.3:a:microsoft:biztalk_server:2004
-
cpe:2.3:a:microsoft:capicom:-