Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2007-2221Microsoft Internet Explorer vulnerability

3 documents3 sources
Severity
9.3CRITICALNVD
EPSS
69.6%
top 1.33%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
Microsoft Internet Explorer
Timeline
PublishedMay 8
Latest updateMay 1

Description

Unspecified vulnerability in the mdsauth.dll COM object in Microsoft Windows Media Server in the Microsoft Internet Explorer 5.01 SP4 on Windows 2000 SP4; 6 SP1 on Windows 2000 SP4; 6 and 7 on Windows XP SP2, or Windows Server 2003 SP1 or SP2; or 7 on Windows Vista allows remote attackers to overwrite arbitrary files via unspecified vectors, aka the "Arbitrary File Rewrite Vulnerability."

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages1 packages

NVDmicrosoft/internet_explorer4 versions+3

🔴Vulnerability Details

1
GHSA
GHSA-9gcp-2jfc-jfrv: Unspecified vulnerability in the mdsauth2022-05-01

💥Exploits & PoCs

1
Exploit-DB
Microsoft Internet Explorer 7 - Arbitrary File Rewrite (MS07-027)2007-05-10
CVE-2007-2221 — Microsoft vulnerability | cvebase