Executive Summary
Information | |||
---|---|---|---|
Name | CVE-2007-2216 | First vendor Publication | 2007-08-14 |
Vendor | Cve | Last vendor Modification | 2021-07-23 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitability Sub Score | NA | ||
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 9.3 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Medium |
Cvss Exploit Score | 8.6 | Authentication | None Required |
Detail
The tblinf32.dll (aka vstlbinf.dll) ActiveX control for Internet Explorer 5.01, 6 SP1, and 7 uses an incorrect IObjectsafety implementation, which allows remote attackers to execute arbitrary code by requesting the HelpString property, involving a crafted DLL file argument to the TypeLibInfoFromFile function, which overwrites the HelpStringDll property to call the DLLGetDocumentation function in another DLL file, aka "ActiveX Object Vulnerability." |
Original Source
Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2216 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-16 | Configuration |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:2109 | |||
Oval ID: | oval:org.mitre.oval:def:2109 | ||
Title: | ActiveX Object Vulnerability | ||
Description: | The tblinf32.dll (aka vstlbinf.dll) ActiveX control for Internet Explorer 5.01, 6 SP1, and 7 uses an incorrect IObjectsafety implementation, which allows remote attackers to execute arbitrary code by requesting the HelpString property, involving a crafted DLL file argument to the TypeLibInfoFromFile function, which overwrites the HelpStringDll property to call the DLLGetDocumentation function in another DLL file, aka "ActiveX Object Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2007-2216 | Version: | 5 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista | Product(s): | Microsoft Internet Explorer |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
Type | Description | Count |
---|---|---|
Application | 3 |
SAINT Exploits
Description | Link |
---|---|
Internet Explorer tblinf32.dll ActiveX IObjectsafety vulnerability | More info here |
OpenVAS Exploits
Date | Description |
---|---|
2010-07-08 | Name : Cumulative Security Update for Internet Explorer (937143) File : nvt/ms07-045.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
36396 | Microsoft IE ActiveX tblinf32.dll Unspecified Arbitrary Code Execution Internet Explorer contains a flaw that may permit a remote attacker to execute arbitrary code via unknown attack vectors. The issue is the result of an incorrect IObjectsafety implementation and MS VB6 objects. It is possible that the flaw may result in a loss of integrity. |
Snort® IPS/IDS
Date | Description |
---|---|
2014-01-10 | Microsoft Internet Explorer CSS strings parsing memory corruption attempt RuleID : 17645 - Revision : 9 - Type : BROWSER-IE |
2014-01-10 | Microsoft Package and Deployment Wizard ActiveX function call unicode access RuleID : 13324 - Revision : 7 - Type : WEB-ACTIVEX |
2014-01-10 | Microsoft Package and Deployment Wizard ActiveX function call access RuleID : 13323 - Revision : 11 - Type : BROWSER-PLUGINS |
2014-01-10 | Microsoft Package and Deployment Wizard ActiveX clsid unicode access RuleID : 13322 - Revision : 7 - Type : WEB-ACTIVEX |
2014-01-10 | Microsoft Package and Deployment Wizard ActiveX clsid access RuleID : 13321 - Revision : 17 - Type : BROWSER-PLUGINS |
2014-01-10 | Microsoft Internet Explorer CSS memory corruption exploit RuleID : 12277 - Revision : 19 - Type : BROWSER-IE |
2014-01-10 | Microsoft Visual Basic 6 TypeLibInfo ActiveX function call unicode access RuleID : 12276 - Revision : 6 - Type : WEB-ACTIVEX |
2014-01-10 | Microsoft Visual Basic 6 TypeLibInfo ActiveX function call access RuleID : 12275 - Revision : 9 - Type : BROWSER-PLUGINS |
2014-01-10 | Microsoft Visual Basic 6 TypeLibInfo ActiveX clsid unicode access RuleID : 12274 - Revision : 6 - Type : WEB-ACTIVEX |
2014-01-10 | Microsoft Visual Basic 6 TypeLibInfo ActiveX clsid access RuleID : 12273 - Revision : 10 - Type : BROWSER-PLUGINS |
2014-01-10 | Microsoft Visual Basic 6 TLIApplication ActiveX function call unicode access RuleID : 12272 - Revision : 8 - Type : WEB-ACTIVEX |
2014-01-10 | Microsoft Visual Basic 6 TLIApplication ActiveX function call access RuleID : 12271 - Revision : 8 - Type : WEB-ACTIVEX |
2014-01-10 | Microsoft Visual Basic 6 TLIApplication ActiveX function call RuleID : 12270 - Revision : 16 - Type : BROWSER-PLUGINS |
2014-01-10 | Microsoft Visual Basic 6 TLIApplication ActiveX clsid access RuleID : 12269 - Revision : 19 - Type : BROWSER-PLUGINS |
2014-01-10 | Microsoft Visual Basic 6 SearchHelper ActiveX function call unicode access RuleID : 12268 - Revision : 7 - Type : WEB-ACTIVEX |
2014-01-10 | Microsoft Visual Basic 6 SearchHelper ActiveX function call access RuleID : 12267 - Revision : 10 - Type : BROWSER-PLUGINS |
2014-01-10 | Microsoft Visual Basic 6 SearchHelper ActiveX clsid unicode access RuleID : 12266 - Revision : 7 - Type : WEB-ACTIVEX |
2014-01-10 | Microsoft Visual Basic 6 SearchHelper ActiveX clsid access RuleID : 12265 - Revision : 11 - Type : BROWSER-PLUGINS |
2014-01-10 | Microsoft Visual Basic 6 PDWizard.File ActiveX function call unicode access RuleID : 12264 - Revision : 6 - Type : WEB-ACTIVEX |
2014-01-10 | Microsoft Visual Basic 6 PDWizard.File ActiveX function call access RuleID : 12263 - Revision : 9 - Type : BROWSER-PLUGINS |
2014-01-10 | Microsoft Visual Basic 6 PDWizard.File ActiveX clsid unicode access RuleID : 12262 - Revision : 6 - Type : WEB-ACTIVEX |
2014-01-10 | Microsoft Visual Basic 6 PDWizard.File ActiveX clsid access RuleID : 12261 - Revision : 10 - Type : BROWSER-PLUGINS |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2007-08-14 | Name : Arbitrary code can be executed on the remote host through the web client. File : smb_nt_ms07-045.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Information |
---|---|
2021-07-27 00:24:34 |
2021-07-24 01:44:11 |
2021-07-24 01:03:42 |
2021-07-23 21:25:01 |
2021-07-23 17:24:38 |
2021-05-04 12:05:40 |
2021-04-22 01:06:14 |
2020-05-23 00:19:38 |
2018-10-16 21:19:55 |
2018-10-13 00:22:37 |
2017-10-11 09:23:55 |
2016-06-28 16:24:14 |
2016-04-26 16:02:18 |
2014-02-17 10:39:54 |
2014-01-19 21:24:03 |
2013-05-11 10:23:52 |