CVE-2007-0026 — Out-of-bounds Write in Microsoft Windows 2003 Server

3 documents3 sources

Severity

7.6HIGHNVD

EPSS

63.2%

top 1.59%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Microsoft Windows 2003 Server

Timeline

PublishedFeb 13

Latest updateMay 1

Description

The OLE Dialog component in Microsoft Windows 2000 SP4, XP SP2, and 2003 SP1 allows user-assisted remote attackers to execute arbitrary code via an RTF file with a malformed OLE object that triggers memory corruption.

CVSS vector

AV:N/AC:H/C:C/I:C/A:CExploitability: 4.9 | Impact: 10.0

Affected Packages1 packages

▶NVDmicrosoft/windows_2003_serversp1

🔴Vulnerability Details

GHSA

GHSA-4prx-gr76-mqgm: The OLE Dialog component in Microsoft Windows 2000 SP4, XP SP2, and 2003 SP1 allows user-assisted remote attackers to execute arbitrary code via an RT↗2022-05-01

▶

CVEList

CVE-2007-0026: The OLE Dialog component in Microsoft Windows 2000 SP4, XP SP2, and 2003 SP1 allows user-assisted remote attackers to execute arbitrary code via an RT↗2007-02-13

▶