9.3

CVE-2007-0944

Unspecified vulnerability in the CTableCol::OnPropertyChange method in Microsoft Internet Explorer 5.01 SP4 on Windows 2000 SP4; 6 SP1 on Windows 2000 SP4; and 6 on Windows XP SP2, or Windows Server 2003 SP1 or SP2 allows remote attackers to execute arbitrary code by calling deleteCell on a named table row in a named table column, then accessing the column, which causes Internet Explorer to access previously deleted objects, aka the "Uninitialized Memory Corruption Vulnerability."
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
MicrosoftInternet Explorer Version5.01 Updatesp4
   MicrosoftWindows 2000 Updatesp4
MicrosoftIe Version6.0 Updatesp1
   MicrosoftWindows 2000 Updatesp4
MicrosoftIe Version6.0 Updatesp1
   MicrosoftWindows Xp Updatesp2
MicrosoftIe Version6.0 Updatesp1
   MicrosoftWindows 2003 Server Versionsp2
MicrosoftIe Version6.0 Updatesp1
   MicrosoftWindows 2003 Server Versionsp1
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 35.07% 0.982
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 9.3 8.6 10
AV:N/AC:M/Au:N/C:C/I:C/A:C
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://www.securityfocus.com/archive/1/468871/100/200/threaded
http://www.us-cert.gov/cas/techalerts/TA07-128A.html
US Government Resource
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-027
http://secunia.com/advisories/23769
http://www.securitytracker.com/id?1018019
http://www.vupen.com/english/advisories/2007/1712
http://www.osvdb.org/34400
http://www.securityfocus.com/archive/1/467989/100/0/threaded
http://www.securityfocus.com/bid/23771
http://www.zerodayinitiative.com/advisories/ZDI-07-027.html
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/33253
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1722