10

CVE-2007-0040

EPSS 64.24%
Published 10.07.2007 22:30:00
Last modified 09.04.2025 00:30:58
Source secure@microsoft.com
Teams watchlist Login
Open Login

The LDAP service in Windows Active Directory in Microsoft Windows 2000 Server SP4, Server 2003 SP1 and SP2, Server 2003 x64 Edition and SP2, and Server 2003 for Itanium-based Systems SP1 and SP2 allows remote attackers to execute arbitrary code via a crafted LDAP request with an unspecified number of "convertible attributes."

Affected products Warnungen 0 Metrics 2 CWE 0 References 14

Data is provided by the National Vulnerability Database (NVD)

Microsoft ≫ Windows 2000 Updatesp4

Microsoft ≫ Windows 2003 Server Editionx64

Microsoft ≫ Windows 2003 Server Updatesp1

Microsoft ≫ Windows 2003 Server Updatesp1 Editionitanium

Microsoft ≫ Windows 2003 Server Updatesp2

Microsoft ≫ Windows 2003 Server Updatesp2 Editionx64

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	64.24%	0.984

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	10	10	10	AV:N/AC:L/Au:N/C:C/I:C/A:C

http://archive.cert.uni-stuttgart.de/bugtraq/2007/07/msg00254.html

http://www.us-cert.gov/cas/techalerts/TA07-191A.html

US Government Resource

http://osvdb.org/35960

http://secunia.com/advisories/26002

http://www.iss.net/threats/267.html

http://www.kb.cert.org/vuls/id/487905

US Government Resource

http://www.securityfocus.com/bid/24800

http://www.securitytracker.com/id?1018355

http://www.vupen.com/english/advisories/2007/2481

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-039

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2012

https://nvd.nist.gov/vuln/detail/CVE-2007-0040

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2007-0040

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2007-0040

EUVD