CVE-2007-1205
published 2007-04-10CVE-2007-1205: Unspecified vulnerability in Microsoft Agent (msagent\agentsvr.exe) in Windows 2000 SP4, XP SP2, and Server 2003, 2003 SP1, and 2003 SP2 allows remote…
PriorityP354critical9.3CVSS 2.0
AVNACMAuNCCICAC
EPSS
30.91%
98.0th percentile
Unspecified vulnerability in Microsoft Agent (msagent\agentsvr.exe) in Windows 2000 SP4, XP SP2, and Server 2003, 2003 SP1, and 2003 SP2 allows remote attackers to execute arbitrary code via crafted URLs, which result in memory corruption.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | windows_2003_server | — | — |
| microsoft | windows_2003_server | — | — |
| microsoft | windows_2003_server | — | — |
CVSS provenance
nvdv2.09.3CRITICALAV:N/AC:M/Au:N/C:C/I:C/A:C
vendor_redhat4.3MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-9859-7vpf-8wx3: Stack-based buffer overflow in agentdpv
ghsa_unreviewed·2022-05-01·CVSS 9.3
CVE-2007-3040 [CRITICAL] CWE-119 GHSA-9859-7vpf-8wx3: Stack-based buffer overflow in agentdpv
Stack-based buffer overflow in agentdpv.dll 2.0.0.3425 in Microsoft Agent on Windows 2000 SP4 allows remote attackers to execute arbitrary code via a crafted URL to the Agent (Agent.Control) ActiveX control, which triggers an overflow within the Agent Service (agentsrv.exe) process, a different issue than CVE-2007-1205.
GHSA
GHSA-f6rc-6rg6-44h6: Unspecified vulnerability in Microsoft Agent (msagent\agentsvr
ghsa_unreviewed·2022-05-01
CVE-2007-1205 [HIGH] GHSA-f6rc-6rg6-44h6: Unspecified vulnerability in Microsoft Agent (msagent\agentsvr
Unspecified vulnerability in Microsoft Agent (msagent\agentsvr.exe) in Windows 2000 SP4, XP SP2, and Server 2003, 2003 SP1, and 2003 SP2 allows remote attackers to execute arbitrary code via crafted URLs, which result in memory corruption.
Red Hat
CVE-2007-4049: No description is available for this CVE
vendor_redhat·CVSS 4.3
CVE-2007-4049 [MEDIUM] CVE-2007-4049: No description is available for this CVE
No description is available for this CVE.
Statement: Not vulnerable. This is a rediscovery and therefore a duplicate of CVE-2000-1205 which was corrected in upstream Apache httpd 1.3.11.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://secunia.com/advisories/22896http://secunia.com/secunia_research/2006-74/advisory/http://www.kb.cert.org/vuls/id/728057http://www.securityfocus.com/archive/1/465235/100/0/threadedhttp://www.securityfocus.com/archive/1/466331/100/200/threadedhttp://www.securityfocus.com/bid/23337http://www.securitytracker.com/id?1017896http://www.us-cert.gov/cas/techalerts/TA07-100A.htmlhttp://www.vupen.com/english/advisories/2007/1324https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-020https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2034http://secunia.com/advisories/22896http://secunia.com/secunia_research/2006-74/advisory/http://www.kb.cert.org/vuls/id/728057http://www.securityfocus.com/archive/1/465235/100/0/threadedhttp://www.securityfocus.com/archive/1/466331/100/200/threadedhttp://www.securityfocus.com/bid/23337http://www.securitytracker.com/id?1017896http://www.us-cert.gov/cas/techalerts/TA07-100A.htmlhttp://www.vupen.com/english/advisories/2007/1324https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-020https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2034
2007-04-10
Published