CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register   Reset Password   Activate Account
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Microsoft : Security Vulnerabilities Published In 2007 (Execute Code)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2007-6401 119 Exec Code Overflow 2007-12-17 2008-09-05
9.3
None Remote Medium Not required Complete Complete Complete
Stack-based buffer overflow in mplayer2.exe in Microsoft Windows Media Player (WMP) 6.4, when used with the 3ivx 4.5.1 or 5.0.1 codec, allows remote attackers to execute arbitrary code via a certain .mp4 file, possibly a related issue to CVE-2007-6402.
2 CVE-2007-6387 119 1 Exec Code Overflow 2007-12-14 2008-09-05
9.3
None Remote Medium Not required Complete Complete Complete
Multiple stack-based buffer overflows in the awApi4.AnswerWorks.1 ActiveX control in awApi4.dll 4.0.0.42, as used by Vantage Linguistics AnswerWorks, and Intuit Clearly Bookkeeping, ProSeries, QuickBooks, Quicken, QuickTax, and TurboTax, allow remote attackers to execute arbitrary code via long arguments to the (1) GetHistory, (2) GetSeedQuery, (3) SetSeedQuery, and possibly other methods. NOTE: some of these details are obtained from third party information.
3 CVE-2007-6357 119 Exec Code Overflow 2007-12-14 2008-11-15
5.8
None Remote Medium Not required Partial Partial None
Stack-based buffer overflow in Microsoft Office Access allows remote, user-assisted attackers to execute arbitrary code via a crafted Microsoft Access Database (.mdb) file. NOTE: due to the lack of details as of 20071210, it is not clear whether this issue is the same as CVE-2007-6026 or CVE-2005-0944.
4 CVE-2007-6026 119 Exec Code Overflow 2007-11-19 2011-08-02
9.3
Admin Remote Medium Not required Complete Complete Complete
Stack-based buffer overflow in Microsoft msjet40.dll 4.0.8618.0 (aka Microsoft Jet Engine), as used by Access 2003 in Microsoft Office 2003 SP3, allows user-assisted attackers to execute arbitrary code via a crafted MDB file database file containing a column structure with a modified column count. NOTE: this might be the same issue as CVE-2005-0944.
5 CVE-2007-5351 94 Exec Code 2007-12-11 2008-09-05
10.0
None Remote Low Not required Complete Complete Complete
Unspecified vulnerability in Server Message Block Version 2 (SMBv2) signing support in Microsoft Windows Vista allows remote attackers to force signature re-computation and execute arbitrary code via a crafted SMBv2 packet, aka "SMBv2 Signing Vulnerability."
6 CVE-2007-5347 399 Exec Code Mem. Corr. 2007-12-11 2008-09-05
6.8
None Remote Medium Not required Partial Partial Partial
Microsoft Internet Explorer 5.01 through 7 allows remote attackers to execute arbitrary code via "unexpected method calls to HTML objects," aka "DHTML Object Memory Corruption Vulnerability."
7 CVE-2007-5344 94 Exec Code Mem. Corr. 2007-12-11 2008-09-05
6.8
None Remote Medium Not required Partial Partial Partial
Microsoft Internet Explorer 5.01 through 7 allows remote attackers to execute arbitrary code via a crafted website using Javascript that creates, modifies, deletes, and accesses document objects using the tags property, which triggers heap corruption, related to uninitialized or deleted objects, a different issue than CVE-2007-3902 and CVE-2007-3903, and a variant of "Uninitialized Memory Corruption Vulnerability."
8 CVE-2007-5144 119 DoS Exec Code Overflow 2007-10-01 2008-11-15
4.3
None Remote Medium Not required None None Partial
Buffer overflow in the GDI engine in Windows Live Messenger, as used for Windows MSN Live 8.1, allows user-assisted remote attackers to cause a denial of service (application crash or system crash) and possibly execute arbitrary code by placing a malformed file in a new folder under the Sharing Folders path, and triggering a synchronize operation through the Windows MSN Live online service, possibly related to extended file attributes and possibly related to an incomplete fix for MS07-046, as demonstrated by a (1) .jpg, (2) .gif, (3) .wmf, (4) .doc, or (5) .ico file.
9 CVE-2007-4814 119 2 Exec Code Overflow 2007-09-11 2009-02-05
7.5
User Remote Low Not required Partial Partial Partial
Buffer overflow in the SQLServer ActiveX control in the Distributed Management Objects OLE DLL (sqldmo.dll) 2000.085.2004.00 in Microsoft SQL Server Enterprise Manager 8.05.2004 allows remote attackers to execute arbitrary code via a long second argument to the Start method.
10 CVE-2007-4790 119 1 Exec Code Overflow 2007-09-10 2008-09-05
7.5
User Remote Low Not required Partial Partial Partial
Stack-based buffer overflow in certain ActiveX controls in (1) FPOLE.OCX 6.0.8450.0 and (2) Foxtlib.ocx, as used in the Microsoft Visual FoxPro 6.0 fpole 1.0 Type Library; and Internet Explorer 5.01, 6 SP1 and SP2, and 7; allows remote attackers to execute arbitrary code via a long first argument to the FoxDoCmd function.
11 CVE-2007-4776 119 2 Exec Code Overflow 2007-09-10 2008-09-05
9.3
Admin Remote Medium Not required Complete Complete Complete
Buffer overflow in Microsoft Visual Basic 6.0 and Enterprise Edition 6.0 SP6 allows user-assisted remote attackers to execute arbitrary code via a Visual Basic project (vbp) file containing a long Reference line, related to VBP_Open and OLE. NOTE: there are limited usage scenarios under which this would be a vulnerability.
12 CVE-2007-4336 1 Exec Code Overflow 2007-08-14 2008-11-15
4.3
None Remote Medium Not required None None Partial
Buffer overflow in the Live Picture Corporation DXSurface.LivePicture.FlashPix.1 (DirectTransform FlashPix) ActiveX control in DXTLIPI.DLL 6.0.2.827, as packaged in Microsoft DirectX Media 6.0 SDK, allows remote attackers to execute arbitrary code via a long SourceUrl property value.
13 CVE-2007-4254 1 Exec Code Overflow 2007-08-08 2008-11-15
6.8
None Remote Medium Not required Partial Partial Partial
Stack-based buffer overflow in a certain ActiveX control in VDT70.DLL in Microsoft Visual Database Tools Database Designer 7.0 for Microsoft Visual Studio 6 allows remote attackers to execute arbitrary code via a long argument to the NotSafe method. NOTE: this may overlap CVE-2007-2885 or CVE-2005-2127.
14 CVE-2007-4042 Exec Code 2007-07-27 2008-11-15
7.5
None Remote Low Not required Partial Partial Partial
Multiple argument injection vulnerabilities in Netscape Navigator 9 allow remote attackers to execute arbitrary commands via a NULL byte (%00) and shell metacharacters in a (1) mailto, (2) nntp, (3) news, (4) snews, or (5) telnet URI, a similar issue to CVE-2007-3670.
15 CVE-2007-4041 78 Exec Code 2007-07-27 2008-09-05
6.8
None Remote Medium Not required Partial Partial Partial
Multiple argument injection vulnerabilities in Mozilla Firefox 2.0.0.5 and 3.0alpha allow remote attackers to execute arbitrary commands via a NULL byte (%00) and shell metacharacters in a (1) mailto, (2) nntp, (3) news, (4) snews, or (5) telnet URI, a similar issue to CVE-2007-3670.
16 CVE-2007-4040 79 Exec Code XSS 2007-07-27 2008-09-05
4.3
None Remote Medium Not required None Partial None
Argument injection vulnerability involving Microsoft Outlook and Outlook Express, when certain URIs are registered, allows remote attackers to conduct cross-browser scripting attacks and execute arbitrary commands via shell metacharacters in an unspecified URI, which are inserted into the command line when invoking the handling process, a similar issue to CVE-2007-3670.
17 CVE-2007-3954 79 Exec Code XSS 2007-07-24 2008-09-05
4.3
None Remote Medium Not required None Partial None
Argument injection vulnerability in Microsoft Internet Explorer, when running on systems with SeaMonkey installed and certain URIs registered, allows remote attackers to conduct cross-browser scripting attacks and execute arbitrary commands via shell metacharacters in a mailto URI, which are inserted into the command line that is created when invoking SeaMonkey.exe, a related issue to CVE-2007-3670.
18 CVE-2007-3930 Exec Code XSS 2007-07-20 2008-11-15
4.3
None Remote Medium Not required None Partial None
Interpretation conflict between Microsoft Internet Explorer and DocuWiki before 2007-06-26b allows remote attackers to inject arbitrary JavaScript and conduct cross-site scripting (XSS) attacks when spellchecking UTF-8 encoded messages via the spell_utf8test function in lib/exe/spellcheck.php, which triggers HTML document identification and script execution by Internet Explorer even though the Content-Type header is text/plain.
19 CVE-2007-3924 Exec Code 2007-07-20 2008-09-05
9.3
None Remote Medium Not required Complete Complete Complete
Argument injection vulnerability in Microsoft Internet Explorer, when running on systems with Netscape installed and certain URIs registered, allows remote attackers to conduct cross-browser scripting attacks and execute arbitrary commands via shell metacharacters in a -chrome argument to the navigatorurl URI, which are inserted into the command line that is created when invoking netscape.exe, a related issue to CVE-2007-3670. NOTE: there has been debate about whether the issue is in Internet Explorer or Netscape. As of 20070713, it is CVE's opinion that IE appears to not properly delimit the URL argument when invoking Netscape; this issue could arise with other protocol handlers in IE.
20 CVE-2007-3903 399 Exec Code Mem. Corr. 2007-12-11 2011-10-03
6.8
None Remote Medium Not required Partial Partial Partial
Microsoft Internet Explorer 6 and 7 allows remote attackers to execute arbitrary code via uninitialized or deleted objects used in repeated calls to the (1) cloneNode or (2) nodeValue JavaScript function, a different issue than CVE-2007-3902 and CVE-2007-5344, a variant of "Uninitialized Memory Corruption Vulnerability."
21 CVE-2007-3902 399 Exec Code Mem. Corr. 2007-12-11 2011-10-03
9.3
Admin Remote Medium Not required Complete Complete Complete
Use-after-free vulnerability in the CRecalcProperty function in mshtml.dll in Microsoft Internet Explorer 5.01 through 7 allows remote attackers to execute arbitrary code by calling the setExpression method and then modifying the outerHTML property of an HTML element, one variant of "Uninitialized Memory Corruption Vulnerability."
22 CVE-2007-3901 119 1 Exec Code Overflow 2007-12-11 2011-04-18
8.5
Admin Remote Medium Single system Complete Complete Complete
Stack-based buffer overflow in the DirectShow Synchronized Accessible Media Interchange (SAMI) parser in quartz.dll for Microsoft DirectX 7.0 through 10.0 allows remote attackers to execute arbitrary code via a crafted SAMI file.
23 CVE-2007-3899 94 Exec Code Mem. Corr. 2007-10-09 2008-09-05
9.3
None Remote Medium Not required Complete Complete Complete
Unspecified vulnerability in Microsoft Word 2000 SP3, Word 2002 SP3, and Office 2004 for Mac allows user-assisted remote attackers to execute arbitrary code via a malformed string in a Word file, aka "Word Memory Corruption Vulnerability."
24 CVE-2007-3897 119 Exec Code Overflow Mem. Corr. 2007-10-09 2011-04-12
9.3
None Remote Medium Not required Complete Complete Complete
Heap-based buffer overflow in Microsoft Outlook Express 6 and earlier, and Windows Mail for Vista, allows remote Network News Transfer Protocol (NNTP) servers to execute arbitrary code via long NNTP responses that trigger memory corruption.
25 CVE-2007-3895 119 Exec Code Overflow 2007-12-11 2008-09-05
9.3
None Remote Medium Not required Complete Complete Complete
Buffer overflow in Microsoft DirectShow in Microsoft DirectX 7.0 through 10.0 allows remote attackers to execute arbitrary code via a crafted (1) WAV or (2) AVI file.
26 CVE-2007-3893 399 Exec Code Mem. Corr. 2007-10-09 2008-09-05
6.8
None Remote Medium Not required Partial Partial Partial
Unspecified vulnerability in Microsoft Internet Explorer 5.01 through 7 allows remote attackers to execute arbitrary code via unspecified vectors involving memory corruption from an unhandled error.
27 CVE-2007-3891 Exec Code 2007-08-14 2008-09-05
6.8
User Remote Medium Not required Partial Partial Partial
Unspecified vulnerability in Windows Vista Weather Gadgets in Windows Vista allows remote attackers to execute arbitrary code via crafted HTML attributes.
28 CVE-2007-3890 Exec Code Mem. Corr. 2007-08-14 2008-09-05
9.3
Admin Remote Medium Not required Complete Complete Complete
Microsoft Excel in Office 2000 SP3, Office XP SP3, Office 2003 SP2, and Office 2004 for Mac allows remote attackers to execute arbitrary code via a Workspace with a certain index value that triggers memory corruption.
29 CVE-2007-3670 79 Exec Code XSS 2007-07-10 2013-08-22
4.3
None Remote Medium Not required None Partial None
Argument injection vulnerability in Microsoft Internet Explorer, when running on systems with Firefox installed and certain URIs registered, allows remote attackers to conduct cross-browser scripting attacks and execute arbitrary commands via shell metacharacters in a (1) FirefoxURL or (2) FirefoxHTML URI, which are inserted into the command line that is created when invoking firefox.exe. NOTE: it has been debated as to whether the issue is in Internet Explorer or Firefox. As of 20070711, it is CVE's opinion that IE appears to be failing to properly delimit the URL argument when invoking Firefox, and this issue could arise with other protocol handlers in IE as well. However, Mozilla has stated that it will address the issue with a "defense in depth" fix that will "prevent IE from sending Firefox malicious data."
30 CVE-2007-3282 1 DoS Exec Code Overflow 2007-06-19 2008-11-15
7.8
None Remote Low Not required None None Complete
Buffer overflow in the Microsoft Office MSODataSourceControl ActiveX object allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long argument to the DeleteRecordSourceIfUnused method.
31 CVE-2007-3111 1 Exec Code Overflow 2007-06-07 2008-11-15
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow in the Provideo Camimage ActiveX control in ISSCamControl.dll 1.0.1.5, when Internet Explorer 6 is used on Windows 2000 SP4, allows remote attackers to execute arbitrary code via a long URL property value.
32 CVE-2007-3091 362 Exec Code 2007-06-06 2012-10-30
7.1
None Remote Medium Not required None None Complete
Race condition in Microsoft Internet Explorer 6 SP1; 6 and 7 for Windows XP SP2 and SP3; 6 and 7 for Server 2003 SP2; 7 for Vista Gold, SP1, and SP2; and 7 for Server 2008 SP2 allows remote attackers to execute arbitrary code or perform other actions upon a page transition, with the permissions of the old page and the content of the new page, as demonstrated by setInterval functions that set location.href within a try/catch expression, aka the "bait & switch vulnerability" or "Race Condition Cross-Domain Information Disclosure Vulnerability."
33 CVE-2007-3041 Exec Code Mem. Corr. 2007-08-14 2011-03-25
9.3
Admin Remote Medium Not required Complete Complete Complete
Unspecified vulnerability in the pdwizard.ocx ActiveX object for Internet Explorer 5.01, 6 SP1, and 7 allows remote attackers to execute arbitrary code via unknown vectors related to Microsoft Visual Basic 6 objects and memory corruption, aka "ActiveX Object Memory Corruption Vulnerability."
34 CVE-2007-3040 119 Exec Code Overflow 2007-09-11 2011-08-02
9.3
None Remote Medium Not required Complete Complete Complete
Stack-based buffer overflow in agentdpv.dll 2.0.0.3425 in Microsoft Agent on Windows 2000 SP4 allows remote attackers to execute arbitrary code via a crafted URL to the Agent (Agent.Control) ActiveX control, which triggers an overflow within the Agent Service (agentsrv.exe) process, a different issue than CVE-2007-1205.
35 CVE-2007-3039 119 3 Exec Code Overflow 2007-12-11 2008-09-05
9.0
Admin Remote Low Single system Complete Complete Complete
Stack-based buffer overflow in the Microsoft Message Queuing (MSMQ) service in Microsoft Windows 2000 Server SP4, Windows 2000 Professional SP4, and Windows XP SP2 allows attackers to execute arbitrary code via a long string in an opnum 0x06 RPC call to port 2103. NOTE: this is remotely exploitable on Windows 2000 Server.
36 CVE-2007-3037 119 Exec Code Overflow 2007-08-14 2011-04-12
4.0
None Remote High Not required Partial Partial None
Microsoft Windows Media Player 7.1, 9, 10, and 11 allows remote attackers to execute arbitrary code via a skin file (WMZ or WMD) with crafted header information that causes a size mismatch between compressed and decompressed data and triggers a heap-based buffer overflow, aka "Windows Media Player Code Execution Vulnerability Parsing Skins."
37 CVE-2007-3035 Exec Code 2007-08-14 2011-04-12
7.6
None Remote High Not required Complete Complete Complete
Unspecified vulnerability in Microsoft Windows Media Player 7.1, 9, 10, and 11 allows remote attackers to execute arbitrary code via a skin file (WMZ or WMD) with crafted header information that is not properly handled during decompression, aka "Windows Media Player Code Execution Vulnerability Decompressing Skins."
38 CVE-2007-3034 189 Exec Code Overflow 2007-08-14 2011-03-29
9.3
None Remote Medium Not required Complete Complete Complete
Integer overflow in the AttemptWrite function in Graphics Rendering Engine (GDI) on Microsoft Windows 2000 SP4, XP SP2, and Server 2003 SP1 allows remote attackers to execute arbitrary code via a crafted metafile (image) with a large record length value, which triggers a heap-based buffer overflow.
39 CVE-2007-3033 79 Exec Code XSS 2007-08-14 2011-03-15
4.3
None Remote Medium Not required None Partial None
Cross-site scripting (XSS) vulnerability in Windows Vista Feed Headlines Gadget (aka Sidebar RSS Feeds Gadget) in Windows Vista allows user-assisted remote attackers to execute arbitrary code via an RSS feed with crafted HTML attributes, which are not properly removed and are rendered in the local zone.
40 CVE-2007-3032 Exec Code 2007-08-14 2008-09-10
6.8
User Remote Medium Not required Partial Partial Partial
Unspecified vulnerability in Windows Vista Contacts Gadget in Windows Vista allows user-assisted remote attackers to execute arbitrary code via crafted contact information that is not properly handled when it is imported.
41 CVE-2007-3030 Exec Code Mem. Corr. 2007-07-10 2012-10-30
7.6
Admin Remote High Not required Complete Complete Complete
Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, and 2003 Viewer allows user-assisted remote attackers to execute arbitrary code via a malformed Excel file involving the "denoting [of] the start of a Workspace designation", which results in memory corruption, aka the "Workbook Memory Corruption Vulnerability".
42 CVE-2007-3029 Exec Code Mem. Corr. 2007-07-10 2012-10-30
9.3
Admin Remote Medium Not required Complete Complete Complete
Unspecified vulnerability in Microsoft Excel 2002 SP3 and 2003 SP2 allows user-assisted remote attackers to execute arbitrary code via a malformed Excel file containing multiple active worksheets, which results in memory corruption.
43 CVE-2007-3027 Exec Code Mem. Corr. 2007-06-12 2012-10-30
9.3
Admin Remote Medium Not required Complete Complete Complete
Race condition in Microsoft Internet Explorer 5.01, 6, and 7 allows remote attackers to execute arbitrary code by causing Internet Explorer to install multiple language packs in a way that triggers memory corruption, aka "Language Pack Installation Vulnerability."
44 CVE-2007-2938 1 Exec Code Overflow 2007-05-30 2008-11-15
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow in the BaseRunner ActiveX control in the Ademco ATNBaseLoader100 Module (ATNBaseLoader100.dll) 5.4.0.6, when Internet Explorer 6 is used, allows remote attackers to execute arbitrary code via a long argument to the (1) Send485CMD method, and possibly the (2) SetLoginID, (3) AddSite, (4) SetScreen, and (5) SetVideoServer methods.
45 CVE-2007-2931 119 Exec Code Overflow 2007-08-31 2011-10-18
9.3
Admin Remote Medium Not required Complete Complete Complete
Heap-based buffer overflow in Microsoft MSN Messenger 6.2, 7.0, and 7.5, and Live Messenger 8.0 allows user-assisted remote attackers to execute arbitrary code via unspecified vectors involving video conversation handling in Web Cam and video chat sessions.
46 CVE-2007-2897 DoS Exec Code Bypass +Info 2007-05-30 2008-09-05
7.5
None Remote Low Not required Partial Partial Partial
Microsoft Internet Information Services (IIS) 6.0 allows remote attackers to cause a denial of service (server instability or device hang), and possibly obtain sensitive information (device communication traffic); and might allow attackers with physical access to execute arbitrary code after connecting a data stream to a device COM port; via requests for a URI containing a '/' immediately before and after the name of a DOS device, as demonstrated by the /AUX/.aspx URI, which bypasses a blacklist for DOS device requests.
47 CVE-2007-2884 399 2 DoS Exec Code Overflow 2007-05-29 2008-11-15
9.3
Admin Remote Medium Not required Complete Complete Complete
Multiple stack-based buffer overflows in Microsoft Visual Basic 6 allow user-assisted remote attackers to cause a denial of service (CPU consumption) or execute arbitrary code via a Visual Basic Project (vbp) file with a long (1) Description or (2) Company Name (VersionCompanyName) field.
48 CVE-2007-2374 Exec Code 2007-04-30 2012-11-05
9.3
Admin Remote Medium Not required Complete Complete Complete
Unspecified vulnerability in Microsoft Windows 2000, XP, and Server 2003 allows user-assisted remote attackers to execute arbitrary code via unspecified vectors. NOTE: this information is based upon a vague pre-advisory with no actionable information. However, the advisory is from a reliable source.
49 CVE-2007-2224 119 Exec Code Overflow 2007-08-14 2008-09-05
9.3
None Remote Medium Not required Complete Complete Complete
Object linking and embedding (OLE) Automation, as used in Microsoft Windows 2000 SP4, XP SP2, Server 2003 SP1 and SP2, Office 2004 for Mac, and Visual Basic 6.0 allows remote attackers to execute arbitrary code via the substringData method on a TextNode object, which causes an integer overflow that leads to a buffer overflow.
50 CVE-2007-2223 119 Exec Code Overflow 2007-08-14 2011-04-12
9.3
Admin Remote Medium Not required Complete Complete Complete
Microsoft XML Core Services (MSXML) 3.0 through 6.0 allows remote attackers to execute arbitrary code via the substringData method on a (1) TextNode or (2) XMLDOM object, which causes an integer overflow that leads to a buffer overflow.
Total number of vulnerabilities : 122   Page : 1 (This Page)2 3
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.