Published: 14/08/2007 Updated: 23/07/2021

CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6

VMScore: 935

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

The tblinf32.dll (aka vstlbinf.dll) ActiveX control for Internet Explorer 5.01, 6 SP1, and 7 uses an incorrect IObjectsafety implementation, which allows remote malicious users to execute arbitrary code by requesting the HelpString property, involving a crafted DLL file argument to the TypeLibInfoFromFile function, which overwrites the HelpStringDll property to call the DLLGetDocumentation function in another DLL file, aka "ActiveX Object Vulnerability."

Vulnerable Product	Search on Vulmon	Subscribe to Product
microsoft internet explorer 5.01
microsoft internet explorer 6
microsoft internet explorer 7

source: wwwsecurityfocuscom/bid/25289/info The Microsoft Visual Basic 6 TypeLib Information Library (TLI) ActiveX control is prone to a remote code-execution vulnerability An attacker may exploit this issue by enticing victims into opening a maliciously crafted HTML document Successfully exploiting this issue allows remote attackers t ...

CWE-16 http://www.us-cert.gov/cas/techalerts/TA07-226A.html http://www.securityfocus.com/bid/25289 http://www.osvdb.org/36396 http://securitytracker.com/id?1018562 http://secunia.com/advisories/26419 http://www.vupen.com/english/advisories/2007/2869 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2109 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-045 http://www.securityfocus.com/archive/1/476742/100/0/threaded https://nvd.nist.gov https://www.exploit-db.com/exploits/30490/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2007-2216

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect