CVE-2007-0026

Description

The OLE Dialog component in Microsoft Windows 2000 SP4, XP SP2, and 2003 SP1 allows user-assisted remote attackers to execute arbitrary code via an RTF file with a malformed OLE object that triggers memory corruption.

Risk Information

Base Score

8.8

MODERATE

Vector

AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS Score

Exploitation Probability

63.231

Associated Vulnerability

Vulnerability	OS Platform
Security Update for Windows 2000 (KB926436)	Windows
Security Update for Windows XP (KB926436)	Windows
Security Update for Windows Server 2003 (KB926436) x86 based systems	Windows
Security Update for Windows Server 2003 (KB926436) x86 based systems for SP1	Windows

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234