9.3
CVE-2007-0940
- EPSS 75.68%
- Veröffentlicht 08.05.2007 23:19:00
- Zuletzt bearbeitet 16.06.2026 22:36:36
- Quelle secure@microsoft.com
- CVE-Watchlists
- Unerledigt
Unspecified vulnerability in the Cryptographic API Component Object Model Certificates ActiveX control (CAPICOM.dll) in Microsoft CAPICOM and BizTalk Server 2004 SP1 and SP2 allows remote attackers to execute arbitrary code via unspecified vectors, aka the "CAPICOM.Certificates Vulnerability."
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Microsoft ≫ Biztalk Server Version2004 Updatesp1
Microsoft ≫ Biztalk Server Version2004 Updatesp2
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 75.68% | 0.995 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 9.3 | 8.6 | 10 |
AV:N/AC:M/Au:N/C:C/I:C/A:C
|
http://www.securityfocus.com/archive/1/468871/100/200/threaded
http://www.us-cert.gov/cas/techalerts/TA07-128A.html
http://secunia.com/advisories/25185
http://www.kb.cert.org/vuls/id/866305
http://www.osvdb.org/34397
http://www.securityfocus.com/bid/23782
http://www.securitytracker.com/id?1018016
http://www.securitytracker.com/id?1018017
http://www.vupen.com/english/advisories/2007/1713
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-028
https://exchange.xforce.ibmcloud.com/vulnerabilities/32739
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1670