CVE-2007-3897

Loading...

General

Score:9.3/10.0
Severity:High
Category:Buffer Error

Impact Metrics

Confidentiality:Complete
Integrity:Complete
Availability:Complete

Exploitability Metrics

Access Vector:Network
Access Complexity:Medium
Authentication:None

Published on 10/10/07 - Updated on 26/10/18

Description

Heap-based buffer overflow in Microsoft Outlook Express 6 and earlier, and Windows Mail for Vista, allows remote Network News Transfer Protocol (NNTP) servers to execute arbitrary code via long NNTP responses that trigger memory corruption.

Category: Buffer Error

CWE-119 (Buffer Errors)
The software performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.

Security Notices

US National Vulnerability DatabaseCVE-2007-3897
Agence Nationale de la Sécurité des Systèmes d'Information CERTA-2007-AVI-431

Exploits

No exploits available for this CVE in our database.

Relative technologies

VendorProduct
microsoftoutlook_express
microsoftwindows_mail

Share this vulnerability with:

Twitter Facebook LinkedIn Mail