CVE-2007-2224
Description
Object linking and embedding (OLE) Automation, as used in Microsoft Windows 2000 SP4, XP SP2, Server 2003 SP1 and SP2, Office 2004 for Mac, and Visual Basic 6.0 allows remote attackers to execute arbitrary code via the substringData method on a TextNode object, which causes an integer overflow that leads to a buffer overflow.
Risk Information
Base Score
8.8
MODERATE
Vector
AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
70.298
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Security Update for Windows 2000 (KB921503) | Windows |
| Security Update for Windows XP (KB921503) | Windows |
| Security Update for Windows Server 2003 (KB921503) x86 based systems | Windows |
| Security Update for Windows Server 2003 (KB921503) x86 based systems for SP2 | Windows |
| Security Update for Windows XP x64 Edition (KB921503) | Windows |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234