CVE-2007-0065
Summary
| CVE | CVE-2007-0065 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2008-02-12 23:00:00 UTC |
| Updated | 2018-10-12 21:42:00 UTC |
| Description | Heap-based buffer overflow in Object Linking and Embedding (OLE) Automation in Microsoft Windows 2000 SP4, XP SP2, Server 2003 SP1 and SP2, Vista, Office 2004 for Mac, and Visual basic 6.0 SP6 allows remote attackers to execute arbitrary code via a crafted script request. |
Risk And Classification
Problem Types: CWE-94
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Microsoft | Office | All | All | mac+os | All |
| Application | Microsoft | Office | All | All | mac\+os | All |
| Application | Microsoft | Office | All | All | mac\+os | All |
| Application | Microsoft | Visual Basic | 6.0 | sp6 | All | All |
| Application | Microsoft | Visual Basic | 6.0 | sp6 | All | All |
| Operating System | Microsoft | Windows 2000 | All | sp4 | All | All |
| Operating System | Microsoft | Windows 2000 | All | sp4 | All | All |
| Operating System | Microsoft | Windows 2003 Server | sp1 | All | All | All |
| Operating System | Microsoft | Windows 2003 Server | sp2 | All | All | All |
| Operating System | Microsoft | Windows 2003 Server | sp1 | All | All | All |
| Operating System | Microsoft | Windows 2003 Server | sp2 | All | All | All |
| Operating System | Microsoft | Windows Vista | All | All | All | All |
| Operating System | Microsoft | Windows Vista | All | All | All | All |
| Operating System | Microsoft | Windows Xp | All | sp2 | All | All |
| Operating System | Microsoft | Windows Xp | All | sp2 | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Microsoft Object Linking and Embedding (OLE) Automation Heap Based Buffer Overflow Vulnerability | BID | www.securityfocus.com | |
| Webmail : Solution de messagerie professionnelle - OVHcloud- OVH | VUPEN | www.vupen.com | |
| Repository / Oval Repository | OVAL | oval.cisecurity.org | |
| HPSBST02314 | HP | marc.info | |
| SecurityTracker.com Archives - Windows Heap Overflow in Object Linking and Embedding (OLE) Automation Lets Remote Users Execute Arbitrary Code | SECTRACK | www.securitytracker.com | |
| Microsoft Security Bulletin MS08-008 - Critical | Microsoft Docs | MS | docs.microsoft.com | |
| US-CERT Technical Cyber Security Alert TA08-043C -- Microsoft Updates for Multiple Vulnerabilities | CERT | www.us-cert.gov | US Government Resource |
| Microsoft Windows OLE Automation Memory Corruption - Advisories - Secunia | SECUNIA | secunia.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.