CVE-2007-2903 : Buffer overflow in the HelpPopup method in the Microsoft Office 2000 Controllo UA di Microsoft Office ActiveX control (O

Buffer overflow in the HelpPopup method in the Microsoft Office 2000 Controllo UA di Microsoft Office ActiveX control (OUACTRL.OCX) 1.0.1.9 allows remote attackers to cause a denial of service (probably winhlp32.exe crash) via a long first argument. NOTE: it is not clear whether this issue crosses privilege boundaries.

Published 2007-05-30 10:30:00

Updated 2017-07-29 01:31:50

Source MITRE

View at NVD, CVE.org

Vulnerability category: OverflowDenial of service

Exploit prediction scoring system (EPSS) score for CVE-2007-2903

Probability of exploitation activity in the next 30 days: 42.62%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 97 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2007-2903

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
5.0	MEDIUM	AV:N/AC:L/Au:N/C:N/I:N/A:P	10.0	2.9	NIST
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: None Integrity Impact: None Availability Impact: Partial

References for CVE-2007-2903

Products affected by CVE-2007-2903

Microsoft » Office » Version: 2000
cpe:2.3:a:microsoft:office:2000:*:*:*:*:*:*:*
Matching versions

Vulnerability Details : CVE-2007-2903

Exploit prediction scoring system (EPSS) score for CVE-2007-2903

CVSS scores for CVE-2007-2903

References for CVE-2007-2903

Products affected by CVE-2007-2903