CVE-2007-0065

high

Description

Heap-based buffer overflow in Object Linking and Embedding (OLE) Automation in Microsoft Windows 2000 SP4, XP SP2, Server 2003 SP1 and SP2, Vista, Office 2004 for Mac, and Visual basic 6.0 SP6 allows remote attackers to execute arbitrary code via a crafted script request.

References

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5388

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-008

http://www.vupen.com/english/advisories/2008/0510/references

http://www.us-cert.gov/cas/techalerts/TA08-043C.html

http://www.securitytracker.com/id?1019373

http://www.securityfocus.com/bid/27661

http://secunia.com/advisories/28902

http://marc.info/?l=bugtraq&m=120361015026386&w=2

Details

Source: Mitre, NVD

Published: 2008-02-12

Updated: 2018-10-12

Risk Information

CVSS v2

Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Severity: Critical

CVSS v3

Base Score: 8.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Severity: High