[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

248364

 
 

909

 
 

195388

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2007-0213Date: (C)2007-05-08   (M)2023-12-22


Microsoft Exchange Server 2000 SP3, 2003 SP1 and SP2, and 2007 does not properly decode certain MIME encoded e-mails, which allows remote attackers to execute arbitrary code via a crafted base64-encoded MIME e-mail message.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 10.0
Exploit Score: 10.0
Impact Score: 10.0
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality: COMPLETE
Integrity: COMPLETE
Availability: COMPLETE
  
Reference:
SECTRACK-1018015
BID-23809
SECUNIA-25183
OSVDB-34391
ADV-2007-1711
HPSBST02214
MS07-026
TA07-128A
VU#343145
exchange-mime-base64-code-execution(33889)
http://packetstormsecurity.com/files/153533/Microsoft-Exchange-2003-base64-MIME-Remote-Code-Execution.html
oval:org.mitre.oval:def:1890

CPE    3
cpe:/a:microsoft:exchange_server:2000:sp3
cpe:/a:microsoft:exchange_server:2003:sp2
cpe:/a:microsoft:exchange_server:2003:sp1
CWE    1
CWE-20
OVAL    1
oval:org.mitre.oval:def:1890

© SecPod Technologies