[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

250039

 
 

909

 
 

195882

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2007-1658Date: (C)2007-03-24   (M)2023-12-22


Windows Mail in Microsoft Windows Vista might allow user-assisted remote attackers to execute certain programs via a link to a (1) local file or (2) UNC share pathname in which there is a directory with the same base name as an executable program at the same level, as demonstrated using C:/windows/system32/winrm (winrm.cmd) and migwiz (migwiz.exe).

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 9.3
Exploit Score: 8.6
Impact Score: 10.0
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality: COMPLETE
Integrity: COMPLETE
Availability: COMPLETE
  
Reference:
SECTRACK-1017816
http://archives.neohapsis.com/archives/fulldisclosure/2007-03/0344.html
http://archives.neohapsis.com/archives/fulldisclosure/2007-03/0346.html
BID-23103
SECUNIA-25639
ADV-2007-2154
HPSBST02231
MS07-034
SSRT071438
TA07-163A
http://isc.sans.org/diary.html?storyid=2507
http://news.com.com/2100-1002_3-6170133.html
http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9014194
oval:org.mitre.oval:def:1861
win-mail-code-execution(33167)
windows-mail-code-execution(33167)

OVAL    1
oval:org.mitre.oval:def:1861

© SecPod Technologies