CVE-2007-0938

Currently unrated

Key Information:

Vendor
Microsoft
Status
Content Management Server
Vendor
CVE Published:
10 April 2007

Summary

Microsoft Content Management Server (MCMS) 2001 SP1 and 2002 SP2 does not properly handle certain characters in a crafted HTTP GET request, which allows remote attackers to execute arbitrary code, aka the "CMS Memory Corruption Vulnerability."

References

http://www.securityfocus.com/archive/1/466331/100/200/thr...
vendor-advisoryx_refsource_HP
http://www.osvdb.org/34006
vdb-entryx_refsource_OSVDB
http://www.vupen.com/english/advisories/2007/1322
vdb-entryx_refsource_VUPEN

EPSS Score

84% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Collectors

NVD DatabaseMitre Database
.