CyberSec.Space Logo
Back to CVE Browser

CVE-2007-0940

CRITICAL
9.3
CVSS Severity Score
EPSS Score0.0310%
EPSS Percentile16.85th
PublishedMay 8, 2007
Last ModifiedApr 23, 2026

Vulnerability Description

Unspecified vulnerability in the Cryptographic API Component Object Model Certificates ActiveX control (CAPICOM.dll) in Microsoft CAPICOM and BizTalk Server 2004 SP1 and SP2 allows remote attackers to execute arbitrary code via unspecified vectors, aka the "CAPICOM.Certificates Vulnerability."

Affected Platforms (CPE)

πŸ“¦
Microsoft

Biztalk Server

= 2004
πŸ“¦
Microsoft

Biztalk Server

= 2004
πŸ“¦
Microsoft

Capicom

All versions

References & Advisories

πŸ”— http://secunia.com/advisories/25185
πŸ”— http://www.kb.cert.org/vuls/id/866305
πŸ”— http://www.osvdb.org/34397
πŸ”— http://www.securityfocus.com/archive/1/468871/100/200/threaded
πŸ”— http://www.securityfocus.com/bid/23782
πŸ”— http://www.securitytracker.com/id?1018016
πŸ”— http://www.securitytracker.com/id?1018017
πŸ”— http://www.us-cert.gov/cas/techalerts/TA07-128A.html

Related Vulnerabilities

CVE-2009-15349.3

Buffer overflow in the Office Web Components ActiveX Control in Microsoft Office XP SP3, Office 2000 Web Components SP3, Office XP...

CVE-2012-01588.8

The (1) ListView, (2) ListView2, (3) TreeView, and (4) TreeView2 ActiveX controls in MSCOMCTL.OCX in the Common Controls in Micros...

CVE-2003-01177.5

Buffer overflow in the HTTP receiver function (BizTalkHTTPReceive.dll ISAPI) of Microsoft BizTalk Server 2002 allows attackers to ...

CVE-2003-01187.5

SQL injection vulnerability in the Document Tracking and Administration (DTA) website of Microsoft BizTalk Server 2000 and 2002 al...