Vulnerability Details : CVE-2007-0214
The HTML Help ActiveX control (Hhctrl.ocx) in Microsoft Windows 2000 SP3, XP SP2 and Professional, 2003 SP1 allows remote attackers to execute arbitrary code via unspecified functions, related to uninitialized parameters.
Vulnerability category: Execute code
Exploit prediction scoring system (EPSS) score for CVE-2007-0214
Probability of exploitation activity in the next 30 days: 71.42%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 98 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2007-0214
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Source |
|---|---|---|---|---|---|
|
9.3
|
HIGH | AV:N/AC:M/Au:N/C:C/I:C/A:C |
8.6
|
10.0
|
nvd@nist.gov |
References for CVE-2007-0214
-
http://www.us-cert.gov/cas/techalerts/TA07-044A.html
US Government Resource
-
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A125
-
http://www.kb.cert.org/vuls/id/563756
US Government Resource
-
http://www.securityfocus.com/bid/22478
-
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-008
-
http://www.vupen.com/english/advisories/2007/0577
-
http://www.securitytracker.com/id?1017635
Products affected by CVE-2007-0214
- cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_xp:*:*:64-bit:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_2003_server:*:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_2003_server:64-bit:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_2003_server:sp1:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_2003_server:sp1:*:itanium:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_2003_server:itanium:*:*:*:*:*:*:*