Lucene search

MicrosoftCVE-2007-0218

HistoryJun 12, 2007 - 7:30 p.m.

CVE-2007-0218

2007-06-1219:30:00

CWE-94

microsoft

web.nvd.nist.gov

cve-2007-0218

microsoft

internet explorer

code execution

urlmon.dll

com object

memory corruption

nvd

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

7.5

Confidence

Low

EPSS

0.837

Percentile

98.5%

JSON

Microsoft Internet Explorer 5.01 and 6 allows remote attackers to execute arbitrary code by instantiating certain COM objects from Urlmon.dll, which triggers memory corruption during a call to the IObjectSafety function.

Affected configurations

Nvd

Node

microsoftwindows_2000sp4

AND

microsoftinternet_explorerMatch5.01sp4

microsoftinternet_explorerMatch6sp1

Node

microsoftwindows_2003_serverMatchsp1

microsoftwindows_2003_serverMatchsp2

microsoftwindows_xpprofessional_x64

microsoftwindows_xpsp2

microsoftwindows_xpsp2professional_x64

AND

microsoftinternet_explorerMatch6

microsoftinternet_explorerMatch7.0

Node

microsoftwindows_2003_serverx64

microsoftwindows_2003_serversp2x64

microsoftwindows_2003_serverMatchsp1itanium

microsoftwindows_2003_serverMatchsp2itanium

AND

microsoftinternet_explorerMatch6

microsoftinternet_explorerMatch7.0

Node

microsoftwindows_vistagold

microsoftwindows_vistagoldx64

AND

microsoftinternet_explorerMatch7.0

VendorProductVersionCPE
microsoftwindows_2000*cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*
microsoftinternet_explorer5.01cpe:2.3:a:microsoft:internet_explorer:5.01:sp4:*:*:*:*:*:*
microsoftinternet_explorer6cpe:2.3:a:microsoft:internet_explorer:6:sp1:*:*:*:*:*:*
microsoftwindows_2003_serversp1cpe:2.3:o:microsoft:windows_2003_server:sp1:*:*:*:*:*:*:*
microsoftwindows_2003_serversp2cpe:2.3:o:microsoft:windows_2003_server:sp2:*:*:*:*:*:*:*
microsoftwindows_xp*cpe:2.3:o:microsoft:windows_xp:*:*:professional_x64:*:*:*:*:*
microsoftwindows_xp*cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*
microsoftwindows_xp*cpe:2.3:o:microsoft:windows_xp:*:sp2:professional_x64:*:*:*:*:*
microsoftinternet_explorer6cpe:2.3:a:microsoft:internet_explorer:6:*:*:*:*:*:*:*
microsoftinternet_explorer7.0cpe:2.3:a:microsoft:internet_explorer:7.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
microsoft	windows_2000	*	cpe:2.3:o:microsoft:windows_2000::sp4::::::*
microsoft	internet_explorer	5.01	cpe:2.3:a:microsoft:internet_explorer:5.01:sp4::::::
microsoft	internet_explorer	6	cpe:2.3:a:microsoft:internet_explorer:6:sp1::::::
microsoft	windows_2003_server	sp1	cpe:2.3:o:microsoft:windows_2003_server:sp1:::::::*
microsoft	windows_2003_server	sp2	cpe:2.3:o:microsoft:windows_2003_server:sp2:::::::*
microsoft	windows_xp	*	cpe:2.3:o:microsoft:windows_xp:::professional_x64:::::*
microsoft	windows_xp	*	cpe:2.3:o:microsoft:windows_xp::sp2::::::*
microsoft	windows_xp	*	cpe:2.3:o:microsoft:windows_xp::sp2:professional_x64:::::
microsoft	internet_explorer	6	cpe:2.3:a:microsoft:internet_explorer:6:::::::*
microsoft	internet_explorer	7.0	cpe:2.3:a:microsoft:internet_explorer:7.0:::::::*