Vulnerability Details CVE-2007-1201
Unspecified vulnerability in certain COM objects in Microsoft Office Web Components 2000 allows user-assisted remote attackers to execute arbitrary code via vectors related to DataSource that trigger memory corruption, aka "Office Web Components DataSource Vulnerability."
Exploit prediction scoring system (EPSS) score
EPSS Score 0.457
EPSS Ranking 97.4%
CVSS Severity
CVSS v2 Score 9.3
References
- http://marc.info/?l=bugtraq&m=120585858807305&w=2
- http://marc.info/?l=bugtraq&m=120585858807305&w=2
- http://secunia.com/advisories/29328
- http://www.securityfocus.com/bid/28136
- http://www.securitytracker.com/id?1019581
- http://www.us-cert.gov/cas/techalerts/TA08-071A.html
- http://www.vupen.com/english/advisories/2008/0849/references
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-017
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5327
- http://marc.info/?l=bugtraq&m=120585858807305&w=2
- http://marc.info/?l=bugtraq&m=120585858807305&w=2
- http://secunia.com/advisories/29328
- http://www.securityfocus.com/bid/28136
- http://www.securitytracker.com/id?1019581
- http://www.us-cert.gov/cas/techalerts/TA08-071A.html
- http://www.vupen.com/english/advisories/2008/0849/references
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-017
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5327
Products affected by CVE-2007-1201
-
cpe:2.3:a:microsoft:biztalk_server:2000
-
cpe:2.3:a:microsoft:biztalk_server:2002
-
cpe:2.3:a:microsoft:commerce_server:2000
-
cpe:2.3:a:microsoft:internet_security_and_acceleration_server:2000
-
cpe:2.3:a:microsoft:office:2000
-
cpe:2.3:a:microsoft:office:xp
-
cpe:2.3:a:microsoft:visual_studio_.net:2002
-
cpe:2.3:a:microsoft:visual_studio_.net:2003