CVE-2007-6255

EPSS 57.95%
Published 23.04.2008 13:05:00
Last modified 09.04.2025 00:30:58
Source cret@cert.org
Teams watchlist Login
Open Login

Buffer overflow in the Microsoft HeartbeatCtl ActiveX control in HRTBEAT.OCX allows remote attackers to execute arbitrary code via the Host argument to an unspecified method.

Affected products Warnungen 0 Metrics 2 CWE 1 References 8

Data is provided by the National Vulnerability Database (NVD)

Microsoft ≫ Windows 2000 Version- Updatesp4

Microsoft ≫ Internet Explorer Version5.01 Updatesp4
Microsoft ≫ Internet Explorer Version6 Updatesp1

Microsoft ≫ Windows Server 2003 Version- HwPlatformx64

Microsoft ≫ Internet Explorer Version6

Microsoft ≫ Windows Server 2003 Version- Updatesp1

Microsoft ≫ Internet Explorer Version6

Microsoft ≫ Windows Server 2003 Version- Updatesp1 HwPlatformitanium

Microsoft ≫ Internet Explorer Version6

Microsoft ≫ Windows Server 2003 Version- Updatesp2

Microsoft ≫ Internet Explorer Version6

Microsoft ≫ Windows Server 2003 Version- Updatesp2 HwPlatformitanium

Microsoft ≫ Internet Explorer Version6

Microsoft ≫ Windows Server 2003 Version- Updatesp2 HwPlatformx64

Microsoft ≫ Internet Explorer Version6

Microsoft ≫ Windows Xp Version- SwEditionprofessional HwPlatformx64

Microsoft ≫ Internet Explorer Version6

Microsoft ≫ Windows Xp Version- Updatesp2

Microsoft ≫ Internet Explorer Version6

Microsoft ≫ Windows Xp Version- Updatesp2 SwEditionprofessional HwPlatformx64

Microsoft ≫ Internet Explorer Version6

Microsoft ≫ Windows Server 2003 Version- HwPlatformx64

Microsoft ≫ Internet Explorer Version7

Microsoft ≫ Windows Server 2003 Version- Updatesp1

Microsoft ≫ Internet Explorer Version7

Microsoft ≫ Windows Server 2003 Version- Updatesp1 HwPlatformitanium

Microsoft ≫ Internet Explorer Version7

Microsoft ≫ Windows Server 2003 Version- Updatesp2

Microsoft ≫ Internet Explorer Version7

Microsoft ≫ Windows Server 2003 Version- Updatesp2 HwPlatformitanium

Microsoft ≫ Internet Explorer Version7

Microsoft ≫ Windows Server 2003 Version- Updatesp2 HwPlatformx64

Microsoft ≫ Internet Explorer Version7

Microsoft ≫ Windows Vista Version-

Microsoft ≫ Internet Explorer Version7

Microsoft ≫ Windows Vista Version- HwPlatformx64

Microsoft ≫ Internet Explorer Version7

Microsoft ≫ Windows Xp Version- Editionprofessional HwPlatformx64

Microsoft ≫ Internet Explorer Version7

Microsoft ≫ Windows Xp Version- Updatesp2

Microsoft ≫ Internet Explorer Version7

Microsoft ≫ Windows Xp Version- Updatesp2 Editionprofessional HwPlatformx64

Microsoft ≫ Internet Explorer Version7

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	57.95%	0.981

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	9.3	8.6	10	AV:N/AC:M/Au:N/C:C/I:C/A:C

CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-069

http://osvdb.org/44652

Broken Link

http://www.kb.cert.org/vuls/id/570089

Third Party Advisory

US Government Resource

http://www.securityfocus.com/bid/28882

Third Party Advisory

VDB Entry

https://exchange.xforce.ibmcloud.com/vulnerabilities/41940

Third Party Advisory

VDB Entry

https://nvd.nist.gov/vuln/detail/CVE-2007-6255

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2007-6255

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2007-6255

EUVD