Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveMicrosoftCVE-2007-2216
HistoryAug 14, 2007 - 9:17 p.m.

CVE-2007-2216

2007-08-1421:17:00
CWE-16
microsoft
web.nvd.nist.gov
40
tblinf32.dll
vstlbinf.dll
activex control
internet explorer
remote code execution
dll file vulnerability
nvd
cve-2007-2216

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

7.3

Confidence

Low

EPSS

0.945

Percentile

99.3%

JSON

The tblinf32.dll (aka vstlbinf.dll) ActiveX control for Internet Explorer 5.01, 6 SP1, and 7 uses an incorrect IObjectsafety implementation, which allows remote attackers to execute arbitrary code by requesting the HelpString property, involving a crafted DLL file argument to the TypeLibInfoFromFile function, which overwrites the HelpStringDll property to call the DLLGetDocumentation function in another DLL file, aka β€œActiveX Object Vulnerability.”

Affected configurations

Nvd
Node
microsoftinternet_explorerMatch5.01
OR
microsoftinternet_explorerMatch6sp1
OR
microsoftinternet_explorerMatch7
VendorProductVersionCPE
microsoftinternet_explorer5.01cpe:2.3:a:microsoft:internet_explorer:5.01:*:*:*:*:*:*:*
microsoftinternet_explorer6cpe:2.3:a:microsoft:internet_explorer:6:sp1:*:*:*:*:*:*
microsoftinternet_explorer7cpe:2.3:a:microsoft:internet_explorer:7:*:*:*:*:*:*:*

Related

saint 4
cvelist 1
nvd 1
checkpoint_advisories 1
prion 1
seebug 1
exploitdb 1
openvas 2
securityvulns 2
nessus 1
saint
saint
Internet Explorer tblinf32.dll ActiveX IObjectsafety vulnerability
2007-08-17 00:00:00
Internet Explorer tblinf32.dll ActiveX IObjectsafety vulnerability
2007-08-17 00:00:00
Internet Explorer tblinf32.dll ActiveX IObjectsafety vulnerability
2007-08-17 00:00:00
cvelist
cvelist
CVE-2007-2216
2007-08-14 21:00:00
nvd
nvd
CVE-2007-2216
2007-08-14 21:17:00
checkpoint_advisories
checkpoint_advisories
Internet Explorer tblinf32.dll ActiveX Object Code Execution (MS07-045; CVE-2007-2216)
2007-08-30 00:00:00
prion
prion
Design/Logic Flaw
2007-08-14 21:17:00
seebug
seebug
Microsoft IE tblinf32.dll ActiveXζŽ§δ»ΆθΏœη¨‹δ»£η ζ‰§θ‘ŒζΌζ΄žοΌˆMS07-045οΌ‰
2007-08-17 00:00:00
exploitdb
exploitdb
Microsoft Internet Explorer 5.0.1 - 'TBLinf32.dll' ActiveX Control Remote Code Execution
2007-05-08 00:00:00
openvas
openvas
Cumulative Security Update for Internet Explorer (937143)
2010-07-08 00:00:00
Cumulative Security Update for Internet Explorer (937143)
2010-07-08 00:00:00
securityvulns
securityvulns
Microsoft Internet Explorer multiple security vulnerabilities
2007-08-17 00:00:00
Microsoft Security Bulletin MS07-045 - Critical Cumulative Security Update for Internet Explorer (937143)
2007-08-14 00:00:00
nessus
nessus
MS07-045: Cumulative Security Update for Internet Explorer (937143)
2007-08-14 00:00:00

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

7.3

Confidence

Low

EPSS

0.945

Percentile

99.3%

JSON
Related for CVE-2007-2216
saint4cvelist1nvd1checkpoint_advisories1prion1seebug1exploitdb1openvas2securityvulns2nessus1