CyberSec.Space Logo
返回 CVE 浏览器

CVE-2007-0065

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1310%
EPSS Percentile21.90th
Published2008年2月12日
Last Modified2026年4月23日

Vulnerability Description

Heap-based buffer overflow in Object Linking and Embedding (OLE) Automation in Microsoft Windows 2000 SP4, XP SP2, Server 2003 SP1 and SP2, Vista, Office 2004 for Mac, and Visual basic 6.0 SP6 allows remote attackers to execute arbitrary code via a crafted script request.

Affected Platforms (CPE)

📦
Microsoft

Office

All versions
📦
Microsoft

Visual Basic

= 6.0

References & Advisories

🔗 http://marc.info/?l=bugtraq&m=120361015026386&w=2
🔗 http://secunia.com/advisories/28902
🔗 http://www.securityfocus.com/bid/27661
🔗 http://www.securitytracker.com/id?1019373
🔗 http://www.us-cert.gov/cas/techalerts/TA08-043C.html
🔗 http://www.vupen.com/english/advisories/2008/0510/references
🔗 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-008
🔗 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5388

相关漏洞威胁

CVE-2001-122310.0

The web administration server for ELSA Lancom 1100 Office does not require authentication, which allows arbitrary remote attackers...

CVE-2001-126010.0

Avaya Argent Office uses weak encryption (trivial encoding) for passwords, which allows remote attackers to gain administrator pri...

CVE-2000-085410.0

When a Microsoft Office 2000 document is launched, the directory of that document is first used to locate DLL's such as riched20.d...

CVE-2007-111710.0

Unspecified vulnerability in Publisher 2007 in Microsoft Office 2007 allows remote attackers to execute arbitrary code via unspeci...