Memory Corruption Vulnerability in Microsoft Content Management Server
CVE-2007-0938

Currently unrated

Key Information:

Vendor: Microsoft
Status: Content Management Server
Vendor: CVE Published:; 10 April 2007

What is CVE-2007-0938?

This vulnerability exists in Microsoft Content Management Server (MCMS) 2001 SP1 and 2002 SP2, stemming from improper handling of certain characters in a specially crafted HTTP GET request. If exploited, it allows attackers to execute arbitrary code on the affected system, potentially leading to unauthorized access and control over the server. The vulnerability highlights the need for system administrators to apply appropriate patches and ensure robust input validation mechanisms are in place to protect against such exploits.

References

http://www.securityfocus.com/archive/1/466331/100/200/thr...

vendor-advisoryx_refsource_HP

http://www.osvdb.org/34006

vdb-entryx_refsource_OSVDB

http://www.vupen.com/english/advisories/2007/1322

vdb-entryx_refsource_VUPEN

EPSS Score

38% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 10, 2007
Vulnerability Reserved
Feb 14, 2007