Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2007-0515

6 documents5 sources
Severity
9.3CRITICAL
EPSS
81.6%
top 0.81%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
4
Microsoft OfficeMicrosoft WordMicrosoft Word Viewer+1 more
Timeline
PublishedJan 26
Latest updateMay 1

Description

Unspecified vulnerability in Microsoft Word allows user-assisted remote attackers to execute arbitrary code on Word 2000, and cause a denial of service on Word 2003, via unknown attack vectors that trigger memory corruption, as exploited by Trojan.Mdropper.W and later by Trojan.Mdropper.X, a different issue than CVE-2006-6456, CVE-2006-5994, and CVE-2006-6561.

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages4 packages

NVDmicrosoft/word2000, 2002, 2003+2
NVDmicrosoft/works2004, 2005, 2006+2
NVDmicrosoft/office4 versions+3

🔴Vulnerability Details

3
GHSA
GHSA-gw2r-9wm8-vx4v: Unspecified vulnerability in Microsoft Word allows user-assisted remote attackers to execute arbitrary code on Word 2000, and cause a denial of servic2022-05-01
CVEList
CVE-2007-0515: Unspecified vulnerability in Microsoft Word allows user-assisted remote attackers to execute arbitrary code on Word 2000, and cause a denial of servic2007-01-26
VulnCheck
Word Malformed Function Vulnerability2007

💥Exploits & PoCs

2
Exploit-DB
Microsoft Word 2000 - Code Execution2007-02-03
Exploit-DB
Microsoft Word 2000 - Malformed Function Code Execution2007-01-25
CVE-2007-0515 (CRITICAL CVSS 9.3) | Unspecified vulnerability in Micros | cvebase.io