7.8
CVE-2007-0221
- EPSS 37.24%
- Veröffentlicht 08.05.2007 23:19:00
- Zuletzt bearbeitet 16.06.2026 22:35:08
- Quelle secure@microsoft.com
- CVE-Watchlists
- Unerledigt
Integer overflow in the IMAP (IMAP4) support in Microsoft Exchange Server 2000 SP3 allows remote attackers to cause a denial of service (service hang) via crafted literals in an IMAP command, aka the "IMAP Literal Processing Vulnerability."
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Microsoft ≫ Exchange Server Version2000 Updatesp3
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 37.24% | 0.983 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.8 | 10 | 6.9 |
AV:N/AC:L/Au:N/C:N/I:N/A:C
|
CWE-190 Integer Overflow or Wraparound
The product performs a calculation that can produce an integer overflow or wraparound when the logic assumes that the resulting value will always be larger than the original value. This occurs when an integer value is incremented to a value that is too large to store in the associated representation. When this occurs, the value may become a very small or negative number.
http://www.securityfocus.com/archive/1/468871/100/200/threaded
http://www.us-cert.gov/cas/techalerts/TA07-128A.html
http://secunia.com/advisories/25183
http://www.securitytracker.com/id?1018015
http://www.vupen.com/english/advisories/2007/1711
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-026
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=526
http://www.osvdb.org/34392
http://www.securityfocus.com/bid/23810
https://exchange.xforce.ibmcloud.com/vulnerabilities/33890
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2054