Vulmon Recent Vulnerabilities Product List Research Posts Trends Blog About Contact
9.3
CVSSv2

CVE-2007-2221

Published: 08/05/2007 Updated: 23/07/2021
CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6
VMScore: 935
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Vulnerability Summary

Unspecified vulnerability in the mdsauth.dll COM object in Microsoft Windows Media Server in the Microsoft Internet Explorer 5.01 SP4 on Windows 2000 SP4; 6 SP1 on Windows 2000 SP4; 6 and 7 on Windows XP SP2, or Windows Server 2003 SP1 or SP2; or 7 on Windows Vista allows remote malicious users to overwrite arbitrary files via unspecified vectors, aka the "Arbitrary File Rewrite Vulnerability."

Vulnerable Product Search on Vulmon Subscribe to Product

microsoft internet explorer 5.01

microsoft internet explorer 6

microsoft internet explorer 6.0

microsoft internet explorer 7.0

Exploits

Exploit DB: Microsoft Internet Explorer 7 - Arbitrary File Rewrite (MS07-027)
<html> <title> MS07-027 mdsauthdll NMSA Session Description Object SaveAs control, arbitrary file modification </title> <body> <OBJECT id="target" classid="clsid:d4fe6227-1288-11d0-9097-00aa004254a0"> </OBJECT> <script language="vbscript"> //next script is converted to UTF16 targetSessionDescription=" ...

References

NVD-CWE-Otherhttp://www.securityfocus.com/bid/23827http://www.securitytracker.com/id?1018019http://secunia.com/advisories/23769http://www.fortiguardcenter.com/advisory/FGA-2007-07.htmlhttp://www.kb.cert.org/vuls/id/500753http://www.us-cert.gov/cas/techalerts/TA07-128A.htmlhttp://www.osvdb.org/34404http://www.vupen.com/english/advisories/2007/1712https://exchange.xforce.ibmcloud.com/vulnerabilities/33355https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1885https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-027http://www.securityfocus.com/archive/1/468871/100/200/threadedhttps://nvd.nist.govhttps://www.exploit-db.com/exploits/3892/https://www.kb.cert.org/vuls/id/500753
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-28995CVE-2024-36680CVE-2024-35537unauthorizedCVE-2024-21518CVE-2024-37673cross-site scriptingSSRFCVE-2024-6241
Vulmon Logo Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook