Arbitrary Code Execution Vulnerability in Microsoft Office Web Components 2000
CVE-2007-1201

Currently unrated

Key Information:

Vendor: Microsoft
Status: Visual Studio .net; Biztalk Server; Office; Internet Security And Acceleration Server
Vendor: CVE Published:; 11 March 2008

Summary

The Microsoft Office Web Components 2000 has an unspecified vulnerability arising from certain COM objects. This flaw can be exploited by remote attackers, requiring user interaction, to execute arbitrary code. The vulnerability is linked to data-related vectors that result in memory corruption, potentially compromising the integrity of user systems and data.

References

http://www.securitytracker.com/id?1019581

vdb-entryx_refsource_SECTRACK

https://docs.microsoft.com/en-us/security-updates/securit...

vendor-advisoryx_refsource_MS

http://www.vupen.com/english/advisories/2008/0849/references

vdb-entryx_refsource_VUPEN

EPSS Score

45% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Mar 11, 2008
Vulnerability Reserved
Mar 2, 2007