CVE-2007-2224 Information
Description
Object linking and embedding (OLE) Automation as used in Microsoft Windows 2000 SP4 XP SP2 Server 2003 SP1 and SP2 Office 2004 for Mac and Visual Basic 6.0 allows remote attackers to execute arbitrary code via the substringData method on a TextNode object which causes an integer overflow that leads to a buffer overflow.
Reference
http://secunia.com/advisories/26449 http://www.securityfocus.com/archive/1/476527/100/0/threaded http://www.securityfocus.com/bid/25282 http://www.securitytracker.com/id?1018560 http://www.us-cert.gov/cas/techalerts/TA07-226A.html http://www.vupen.com/english/advisories/2007/2867 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-043 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A1248
Share on: