7.8

CVE-2007-0221

Integer overflow in the IMAP (IMAP4) support in Microsoft Exchange Server 2000 SP3 allows remote attackers to cause a denial of service (service hang) via crafted literals in an IMAP command, aka the "IMAP Literal Processing Vulnerability."
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
MicrosoftExchange Server Version2000 Updatesp3
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 37.24% 0.983
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.8 10 6.9
AV:N/AC:L/Au:N/C:N/I:N/A:C
CWE-190 Integer Overflow or Wraparound

The product performs a calculation that can produce an integer overflow or wraparound when the logic assumes that the resulting value will always be larger than the original value. This occurs when an integer value is incremented to a value that is too large to store in the associated representation. When this occurs, the value may become a very small or negative number.

http://www.securityfocus.com/archive/1/468871/100/200/threaded
Third Party Advisory
VDB Entry
http://www.us-cert.gov/cas/techalerts/TA07-128A.html
Third Party Advisory
US Government Resource
http://secunia.com/advisories/25183
Patch
Third Party Advisory
http://www.securitytracker.com/id?1018015
Patch
Third Party Advisory
VDB Entry
http://www.vupen.com/english/advisories/2007/1711
Permissions Required
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-026
Patch
Vendor Advisory
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=526
Patch
Third Party Advisory
http://www.osvdb.org/34392
Broken Link
http://www.securityfocus.com/bid/23810
Third Party Advisory
VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/33890
Third Party Advisory
VDB Entry
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2054
Third Party Advisory