CVE-2007-3897
Description
Heap-based buffer overflow in Microsoft Outlook Express 6 and earlier, and Windows Mail for Vista, allows remote Network News Transfer Protocol (NNTP) servers to execute arbitrary code via long NNTP responses that trigger memory corruption.
Risk Information
Base Score
8.8
MODERATE
Vector
AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
64.036
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Security Update for Outlook Express 6 Service Pack 1 (KB941202) | Windows |
| Security Update for Outlook Express for Windows XP (KB941202) | Windows |
| Security Update for Outlook Express for Windows Server 2003 (KB941202) x86 based systems | Windows |
| Security Update for Outlook Express for Windows Server 2003 (KB941202) x86 based systems for SP2 | Windows |
| Security Update for Windows Mail for Windows Vista (KB941202) | Windows |
| Security Update for Windows Mail for Windows Vista for x64-based Systems (KB941202) | Windows |
| Security Update for Outlook Express for Windows XP x64 Edition (KB941202) | Windows |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234