CVE-2007-3897

Currently unrated

Key Information:

Vendor: Microsoft
Status: Outlook Express; Windows Mail
Vendor: CVE Published:; 9 October 2007

Summary

Heap-based buffer overflow in Microsoft Outlook Express 6 and earlier, and Windows Mail for Vista, allows remote Network News Transfer Protocol (NNTP) servers to execute arbitrary code via long NNTP responses that trigger memory corruption.

References

http://securitytracker.com/id?1018785

vdb-entryx_refsource_SECTRACK

http://www.securityfocus.com/archive/1/482366/100/0/threaded

vendor-advisoryx_refsource_HP

http://www.securityfocus.com/archive/1/482366/100/0/threaded

vendor-advisoryx_refsource_HP

EPSS Score

95% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Oct 9, 2007
Vulnerability Reserved
Jul 19, 2007

Collectors

NVD DatabaseMitre Database