Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
9.3
CVSSv2

CVE-2007-2221

Published: 08/05/2007 Updated: 23/07/2021
CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6
VMScore: 935
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Subscribe to Microsoft

Vulnerability Summary

Unspecified vulnerability in the mdsauth.dll COM object in Microsoft Windows Media Server in the Microsoft Internet Explorer 5.01 SP4 on Windows 2000 SP4; 6 SP1 on Windows 2000 SP4; 6 and 7 on Windows XP SP2, or Windows Server 2003 SP1 or SP2; or 7 on Windows Vista allows remote malicious users to overwrite arbitrary files via unspecified vectors, aka the "Arbitrary File Rewrite Vulnerability."

Vulnerable Product Search on Vulmon Subscribe to Product

microsoft internet_explorer 5.01

microsoft internet_explorer 6

microsoft internet_explorer 6.0

microsoft internet_explorer 7.0

Exploits

Exploit DB: Microsoft Internet Explorer 7 - Arbitrary File Rewrite (MS07-027)
<html> <title> MS07-027 mdsauthdll NMSA Session Description Object SaveAs control, arbitrary file modification </title> <body> <OBJECT id="target" classid="clsid:d4fe6227-1288-11d0-9097-00aa004254a0"> </OBJECT> <script language="vbscript"> //next script is converted to UTF16 targetSessionDescription=" ...

References

NVD-CWE-Otherhttp://www.securityfocus.com/bid/23827http://www.securitytracker.com/id?1018019http://secunia.com/advisories/23769http://www.fortiguardcenter.com/advisory/FGA-2007-07.htmlhttp://www.kb.cert.org/vuls/id/500753http://www.us-cert.gov/cas/techalerts/TA07-128A.htmlhttp://www.osvdb.org/34404http://www.vupen.com/english/advisories/2007/1712https://exchange.xforce.ibmcloud.com/vulnerabilities/33355https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1885https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-027http://www.securityfocus.com/archive/1/468871/100/200/threadedhttps://nvd.nist.govhttps://www.exploit-db.com/exploits/3892/https://www.kb.cert.org/vuls/id/500753
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2006-4304CVE-2024-4240arbitrary CVE-2024-31601XSSCVE-2023-20198CVE-2024-4256CVE-2024-3342encryption
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook