CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2007-2223

Microsoft XML Core Services (MSXML) 3.0 through 6.0 allows remote attackers to execute arbitrary code via the substringData method on a (1) TextNode or (2) XMLDOM object, which causes an integer overflow that leads to a buffer overflow.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.707

EPSS Ranking 98.6%

CVSS Severity

CVSS v2 Score 9.3

References

Products affected by CVE-2007-2223

Microsoft » Expression Web » Version: N/A

cpe:2.3:a:microsoft:expression_web:-
Microsoft » Expression Web » Version: 2

cpe:2.3:a:microsoft:expression_web:2
Microsoft » Office » Version: 2003

cpe:2.3:a:microsoft:office:2003
Microsoft » Office » Version: 2007

cpe:2.3:a:microsoft:office:2007
Microsoft » Office Compatibility Pack » Version: 2007

cpe:2.3:a:microsoft:office_compatibility_pack:2007
Microsoft » Office Groove Server » Version: 2007

cpe:2.3:a:microsoft:office_groove_server:2007
Microsoft » Office Sharepoint Server » Version: 2007

cpe:2.3:a:microsoft:office_sharepoint_server:2007
Microsoft » Word Viewer » Version: 2003

cpe:2.3:a:microsoft:word_viewer:2003
Microsoft » Xml Core Services » Version: 3.0

cpe:2.3:a:microsoft:xml_core_services:3.0
Microsoft » Xml Core Services » Version: 4.0

cpe:2.3:a:microsoft:xml_core_services:4.0
Microsoft » Xml Core Services » Version: 5.0

cpe:2.3:a:microsoft:xml_core_services:5.0
Microsoft » Xml Core Services » Version: 6.0

cpe:2.3:a:microsoft:xml_core_services:6.0
Microsoft » Windows Server 2003 » Version: N/A

cpe:2.3:o:microsoft:windows_server_2003:-
Microsoft » Windows Server 2003 » Version: r2

cpe:2.3:o:microsoft:windows_server_2003:r2
Microsoft » Windows Server 2008 » Version: N/A

cpe:2.3:o:microsoft:windows_server_2008:-
Microsoft » Windows Vista » Version: N/A

cpe:2.3:o:microsoft:windows_vista:-
Microsoft » Windows Xp » Version: N/A

cpe:2.3:o:microsoft:windows_xp:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2007-2223

Products

Pricing

Contact Us