返回 CVE 浏览器

CVE-2007-0940

CRITICAL

9.3

CVSS Severity Score

EPSS Score0.0310%

EPSS Percentile16.85th

Published2007年5月8日

Last Modified2026年4月23日

Vulnerability Description

Unspecified vulnerability in the Cryptographic API Component Object Model Certificates ActiveX control (CAPICOM.dll) in Microsoft CAPICOM and BizTalk Server 2004 SP1 and SP2 allows remote attackers to execute arbitrary code via unspecified vectors, aka the "CAPICOM.Certificates Vulnerability."

Affected Platforms (CPE)

📦

Microsoft

Biztalk Server

= 2004

📦

Microsoft

Biztalk Server

= 2004

📦

Microsoft

Capicom

All versions

References & Advisories

🔗 http://secunia.com/advisories/25185

🔗 http://www.kb.cert.org/vuls/id/866305

🔗 http://www.osvdb.org/34397

🔗 http://www.securityfocus.com/archive/1/468871/100/200/threaded

🔗 http://www.securityfocus.com/bid/23782

🔗 http://www.securitytracker.com/id?1018016

🔗 http://www.securitytracker.com/id?1018017

🔗 http://www.us-cert.gov/cas/techalerts/TA07-128A.html

相关漏洞威胁

CVE-2009-15349.3

Buffer overflow in the Office Web Components ActiveX Control in Microsoft Office XP SP3, Office 2000 Web Components SP3, Office XP...

CVE-2012-01588.8

The (1) ListView, (2) ListView2, (3) TreeView, and (4) TreeView2 ActiveX controls in MSCOMCTL.OCX in the Common Controls in Micros...

CVE-2003-01177.5

Buffer overflow in the HTTP receiver function (BizTalkHTTPReceive.dll ISAPI) of Microsoft BizTalk Server 2002 allows attackers to ...

CVE-2003-01187.5

SQL injection vulnerability in the Document Tracking and Administration (DTA) website of Microsoft BizTalk Server 2000 and 2002 al...