Vulnerability Details : CVE-2007-3039

Public exploit exists!
Stack-based buffer overflow in the Microsoft Message Queuing (MSMQ) service in Microsoft Windows 2000 Server SP4, Windows 2000 Professional SP4, and Windows XP SP2 allows attackers to execute arbitrary code via a long string in an opnum 0x06 RPC call to port 2103. NOTE: this is remotely exploitable on Windows 2000 Server.
Published 2007-12-12 00:46:00
Updated 2018-10-16 16:47:06
Source Microsoft Corporation
View at NVD,   CVE.org
Vulnerability category: OverflowExecute code

Exploit prediction scoring system (EPSS) score for CVE-2007-3039

Probability of exploitation activity in the next 30 days: 97.39%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 100 % EPSS Score History EPSS FAQ

Metasploit modules for CVE-2007-3039

  • MS07-065 Microsoft Message Queueing Service DNS Name Path Overflow
    Disclosure Date: 2007-12-11
    First seen: 2020-04-26
    exploit/windows/dcerpc/ms07_065_msmq
    This module exploits a stack buffer overflow in the RPC interface to the Microsoft Message Queueing service. This exploit requires the target system to have been configured with a DNS name and for that name to be supplied in the 'DNAME' option. This name does not nee

CVSS scores for CVE-2007-3039

Base Score Base Severity CVSS Vector Exploitability Score Impact Score Score Source
9.0
 HIGH AV:N/AC:L/Au:S/C:C/I:C/A:C
8.0
10.0
 NIST

CWE ids for CVE-2007-3039

References for CVE-2007-3039

Products affected by CVE-2007-3039

This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close