Vulnerability Details CVE-2007-3897
Heap-based buffer overflow in Microsoft Outlook Express 6 and earlier, and Windows Mail for Vista, allows remote Network News Transfer Protocol (NNTP) servers to execute arbitrary code via long NNTP responses that trigger memory corruption.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.64
EPSS Ranking 98.3%
CVSS Severity
CVSS v2 Score 9.3
References
- http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=607
- http://secunia.com/advisories/27112
- http://securitytracker.com/id?1018785
- http://securitytracker.com/id?1018786
- http://www.securityfocus.com/archive/1/481983/100/100/threaded
- http://www.securityfocus.com/archive/1/482366/100/0/threaded
- http://www.securityfocus.com/archive/1/482366/100/0/threaded
- http://www.securityfocus.com/bid/25908
- http://www.us-cert.gov/cas/techalerts/TA07-282A.html
- http://www.vupen.com/english/advisories/2007/3436
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-056
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1706
- http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=607
- http://secunia.com/advisories/27112
- http://securitytracker.com/id?1018785
- http://securitytracker.com/id?1018786
- http://www.securityfocus.com/archive/1/481983/100/100/threaded
- http://www.securityfocus.com/archive/1/482366/100/0/threaded
- http://www.securityfocus.com/archive/1/482366/100/0/threaded
- http://www.securityfocus.com/bid/25908
- http://www.us-cert.gov/cas/techalerts/TA07-282A.html
- http://www.vupen.com/english/advisories/2007/3436
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-056
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1706
Products affected by CVE-2007-3897
-
cpe:2.3:a:microsoft:outlook_express:-
-
cpe:2.3:a:microsoft:outlook_express:4.0
-
cpe:2.3:a:microsoft:outlook_express:4.01
-
cpe:2.3:a:microsoft:outlook_express:4.5
-
cpe:2.3:a:microsoft:outlook_express:4.72.2106.4
-
cpe:2.3:a:microsoft:outlook_express:4.72.3120.0
-
cpe:2.3:a:microsoft:outlook_express:4.72.3612.1700
-
cpe:2.3:a:microsoft:outlook_express:5.0
-
cpe:2.3:a:microsoft:outlook_express:5.0.1
-
cpe:2.3:a:microsoft:outlook_express:5.0.2
-
cpe:2.3:a:microsoft:outlook_express:5.0.3
-
cpe:2.3:a:microsoft:outlook_express:5.01
-
cpe:2.3:a:microsoft:outlook_express:5.02
-
cpe:2.3:a:microsoft:outlook_express:5.5
-
cpe:2.3:a:microsoft:outlook_express:6.0
-
cpe:2.3:a:microsoft:windows_mail:-