CVE-2007-2223
Description
Microsoft XML Core Services (MSXML) 3.0 through 6.0 allows remote attackers to execute arbitrary code via the substringData method on a (1) TextNode or (2) XMLDOM object, which causes an integer overflow that leads to a buffer overflow.
Related CPE's
References
Broken Link
Third Party AdvisoryUS Government Resource
Third Party AdvisoryVDB Entry
Third Party AdvisoryVDB Entry
Vendor Advisory
Third Party AdvisoryVDB Entry
Vendor Advisory
Third Party Advisory
PatchVendor Advisory
Third Party AdvisoryVDB Entry
Third Party AdvisoryVDB Entry
CvssV3 impact
Could not find any metrics
CvssV2 impact
Version | 2.0 |
VectorString | AV:N/AC:M/Au:N/C:C/I:C/A:C |
AccessVector | NETWORK |
AccessComplexity | MEDIUM |
Authentication | NONE |
ConfidentialityImpact | COMPLETE |
IntegrityImpact | COMPLETE |
AvailabilityImpact | COMPLETE |
BaseScore | 9.300000190734863 |