CVE-2007-0942

Published May 8, 2007

Last updated 4 years ago

CVSS info 9.3

Overview

Description: Microsoft Internet Explorer 5.01 SP4 on Windows 2000 SP4; 6 SP1 on Windows 2000 SP4; 6 and 7 on Windows XP SP2, or Windows Server 2003 SP1 or SP2; and possibly 7 on Windows Vista does not properly "instantiate certain COM objects as ActiveX controls," which allows remote attackers to execute arbitrary code via a crafted COM object from chtskdic.dll.
Source: secure@microsoft.com
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 9.3
Impact score: 10
Exploitability score: 8.6
Vector string: AV:N/AC:M/Au:N/C:C/I:C/A:C

Weaknesses

nvd@nist.gov: NVD-CWE-Other

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "83E7C4A0-78CF-4B56-82BF-EC932BDD8ADF"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:microsoft:ie:6.0:sp1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "24DF2AB3-DEAB-4D70-986E-FFBB7E64B96A"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:internet_explorer:5.0.1:sp4:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2EB39B99-91A0-4B70-B12A-BA37F6AFBA83"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:microsoft:windows_2003_server:sp1:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "644E2E89-F3E3-4383-B460-424D724EE62F"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_2003_server:sp1:*:itanium:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "7D11FC8D-59DD-4CAC-B4D3-DABB7A9903F1"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_2003_server:sp1:*:x64:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "C0507FBE-8679-4CE3-946A-E91CD8DAEC41"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_2003_server:sp2:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "377F7D0C-6B44-4B90-BF90-DAF959880C6D"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_2003_server:sp2:*:itanium:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "D21D1DFE-F61B-407E-A945-4F42F86947B0"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_2003_server:sp2:*:x64:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "3461CEA0-6CCF-4AA9-B83A-420E1310C83C"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_xp:*:gold:professional_x64:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "74EE55A2-6020-4591-9F15-80E57D19207C"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "9B339C33-8896-4896-88FF-88E74FDBC543"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:professional_x64:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "1AB9988B-5A9C-4F6D-BCCC-4D03AC6E4CF9"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:microsoft:internet_explorer:6.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A19F6133-25D1-44A5-B6B9-354703436783"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:microsoft:windows_2003_server:sp1:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "644E2E89-F3E3-4383-B460-424D724EE62F"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_2003_server:sp1:*:itanium:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "7D11FC8D-59DD-4CAC-B4D3-DABB7A9903F1"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_2003_server:sp1:*:x64:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "C0507FBE-8679-4CE3-946A-E91CD8DAEC41"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_2003_server:sp2:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "377F7D0C-6B44-4B90-BF90-DAF959880C6D"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_2003_server:sp2:*:itanium:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "D21D1DFE-F61B-407E-A945-4F42F86947B0"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_2003_server:sp2:*:x64:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "3461CEA0-6CCF-4AA9-B83A-420E1310C83C"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "3852BB02-47A1-40B3-8E32-8D8891A53114"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_vista:*:gold:x64:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "F9DC56EB-EDC4-4DFE-BA9B-B17FF4A91734"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_xp:*:gold:professional_x64:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "74EE55A2-6020-4591-9F15-80E57D19207C"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "9B339C33-8896-4896-88FF-88E74FDBC543"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:professional_x64:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "1AB9988B-5A9C-4F6D-BCCC-4D03AC6E4CF9"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:microsoft:internet_explorer:7.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6BC71FD8-D385-4507-BD14-B75FDD4C79E6"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References