cvelistv5 - cve-2007-0934

CVE-2007-0934 (GCVE-0-2007-0934)

Vulnerability from cvelistv5

Published

2007-06-12 19:00

Modified

2024-08-07 12:34

Severity ?

CWE

Summary

Unspecified vulnerability in Microsoft Visio 2002 allows remote user-assisted attackers to execute arbitrary code via a Visio (.VSD, VSS, .VST) file with a crafted version number that triggers memory corruption.

References

►

URL

Tags

secure@microsoft.com	http://osvdb.org/35342
secure@microsoft.com	http://secunia.com/advisories/25619
secure@microsoft.com	http://www.securityfocus.com/archive/1/471947/100/0/threaded
secure@microsoft.com	http://www.securityfocus.com/archive/1/471947/100/0/threaded
secure@microsoft.com	http://www.securityfocus.com/bid/24349
secure@microsoft.com	http://www.securitytracker.com/id?1018227
secure@microsoft.com	http://www.us-cert.gov/cas/techalerts/TA07-163A.html	US Government Resource
secure@microsoft.com	http://www.vupen.com/english/advisories/2007/2150
secure@microsoft.com	https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-030
secure@microsoft.com	https://exchange.xforce.ibmcloud.com/vulnerabilities/34607
secure@microsoft.com	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1925
af854a3a-2127-422b-91ae-364da2661108	http://osvdb.org/35342
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/25619
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/471947/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/471947/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/24349
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id?1018227
af854a3a-2127-422b-91ae-364da2661108	http://www.us-cert.gov/cas/techalerts/TA07-163A.html	US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2007/2150
af854a3a-2127-422b-91ae-364da2661108	https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-030
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/34607
af854a3a-2127-422b-91ae-364da2661108	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1925

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T12:34:21.311Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "oval:org.mitre.oval:def:1925",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1925"
          },
          {
            "name": "25619",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/25619"
          },
          {
            "name": "MS07-030",
            "tags": [
              "vendor-advisory",
              "x_refsource_MS",
              "x_transferred"
            ],
            "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-030"
          },
          {
            "name": "SSRT071438",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/471947/100/0/threaded"
          },
          {
            "name": "ADV-2007-2150",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/2150"
          },
          {
            "name": "visio-version-code-execution(34607)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34607"
          },
          {
            "name": "1018227",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1018227"
          },
          {
            "name": "TA07-163A",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT",
              "x_transferred"
            ],
            "url": "http://www.us-cert.gov/cas/techalerts/TA07-163A.html"
          },
          {
            "name": "24349",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/24349"
          },
          {
            "name": "35342",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/35342"
          },
          {
            "name": "HPSBST02231",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/471947/100/0/threaded"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2007-06-12T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Unspecified vulnerability in Microsoft Visio 2002 allows remote user-assisted attackers to execute arbitrary code via a Visio (.VSD, VSS, .VST) file with a crafted version number that triggers memory corruption."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-16T14:57:01",
        "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "shortName": "microsoft"
      },
      "references": [
        {
          "name": "oval:org.mitre.oval:def:1925",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1925"
        },
        {
          "name": "25619",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/25619"
        },
        {
          "name": "MS07-030",
          "tags": [
            "vendor-advisory",
            "x_refsource_MS"
          ],
          "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-030"
        },
        {
          "name": "SSRT071438",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://www.securityfocus.com/archive/1/471947/100/0/threaded"
        },
        {
          "name": "ADV-2007-2150",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/2150"
        },
        {
          "name": "visio-version-code-execution(34607)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34607"
        },
        {
          "name": "1018227",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1018227"
        },
        {
          "name": "TA07-163A",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT"
          ],
          "url": "http://www.us-cert.gov/cas/techalerts/TA07-163A.html"
        },
        {
          "name": "24349",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/24349"
        },
        {
          "name": "35342",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/35342"
        },
        {
          "name": "HPSBST02231",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://www.securityfocus.com/archive/1/471947/100/0/threaded"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@microsoft.com",
          "ID": "CVE-2007-0934",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Unspecified vulnerability in Microsoft Visio 2002 allows remote user-assisted attackers to execute arbitrary code via a Visio (.VSD, VSS, .VST) file with a crafted version number that triggers memory corruption."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "oval:org.mitre.oval:def:1925",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1925"
            },
            {
              "name": "25619",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/25619"
            },
            {
              "name": "MS07-030",
              "refsource": "MS",
              "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-030"
            },
            {
              "name": "SSRT071438",
              "refsource": "HP",
              "url": "http://www.securityfocus.com/archive/1/471947/100/0/threaded"
            },
            {
              "name": "ADV-2007-2150",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/2150"
            },
            {
              "name": "visio-version-code-execution(34607)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34607"
            },
            {
              "name": "1018227",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1018227"
            },
            {
              "name": "TA07-163A",
              "refsource": "CERT",
              "url": "http://www.us-cert.gov/cas/techalerts/TA07-163A.html"
            },
            {
              "name": "24349",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/24349"
            },
            {
              "name": "35342",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/35342"
            },
            {
              "name": "HPSBST02231",
              "refsource": "HP",
              "url": "http://www.securityfocus.com/archive/1/471947/100/0/threaded"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
    "assignerShortName": "microsoft",
    "cveId": "CVE-2007-0934",
    "datePublished": "2007-06-12T19:00:00",
    "dateReserved": "2007-02-14T00:00:00",
    "dateUpdated": "2024-08-07T12:34:21.311Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2007-0934\",\"sourceIdentifier\":\"secure@microsoft.com\",\"published\":\"2007-06-12T19:30:00.000\",\"lastModified\":\"2025-04-09T00:30:58.490\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Unspecified vulnerability in Microsoft Visio 2002 allows remote user-assisted attackers to execute arbitrary code via a Visio (.VSD, VSS, .VST) file with a crafted version number that triggers memory corruption.\"},{\"lang\":\"es\",\"value\":\"Vulnerabilidad no especificada en Microsoft Visio 202 permite a atacantes remotos con la intervenci\u00f3n del usuario ejecutar c\u00f3digo de su elecci\u00f3n mediante un archivo de Visio (.VSD, .VSS, .VST) con un n\u00famero de versi\u00f3n manipulado que dispara una corrupci\u00f3n de memoria.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:C/I:C/A:C\",\"baseScore\":9.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":8.6,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":true,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-Other\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:visio:2002:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8E24DF34-F4A8-4C28-9593-F019FE3E3BA2\"}]}]}],\"references\":[{\"url\":\"http://osvdb.org/35342\",\"source\":\"secure@microsoft.com\"},{\"url\":\"http://secunia.com/advisories/25619\",\"source\":\"secure@microsoft.com\"},{\"url\":\"http://www.securityfocus.com/archive/1/471947/100/0/threaded\",\"source\":\"secure@microsoft.com\"},{\"url\":\"http://www.securityfocus.com/archive/1/471947/100/0/threaded\",\"source\":\"secure@microsoft.com\"},{\"url\":\"http://www.securityfocus.com/bid/24349\",\"source\":\"secure@microsoft.com\"},{\"url\":\"http://www.securitytracker.com/id?1018227\",\"source\":\"secure@microsoft.com\"},{\"url\":\"http://www.us-cert.gov/cas/techalerts/TA07-163A.html\",\"source\":\"secure@microsoft.com\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://www.vupen.com/english/advisories/2007/2150\",\"source\":\"secure@microsoft.com\"},{\"url\":\"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-030\",\"source\":\"secure@microsoft.com\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/34607\",\"source\":\"secure@microsoft.com\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1925\",\"source\":\"secure@microsoft.com\"},{\"url\":\"http://osvdb.org/35342\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/25619\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/archive/1/471947/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/archive/1/471947/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/24349\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securitytracker.com/id?1018227\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.us-cert.gov/cas/techalerts/TA07-163A.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://www.vupen.com/english/advisories/2007/2150\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-030\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/34607\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1925\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}

fkie_cve-2007-0934

Vulnerability from fkie_nvd

Published

2007-06-12 19:30

Modified

2025-04-09 00:30

Severity ?

Summary

References

URL	Tags
secure@microsoft.com	http://osvdb.org/35342
secure@microsoft.com	http://secunia.com/advisories/25619
secure@microsoft.com	http://www.securityfocus.com/archive/1/471947/100/0/threaded
secure@microsoft.com	http://www.securityfocus.com/archive/1/471947/100/0/threaded
secure@microsoft.com	http://www.securityfocus.com/bid/24349
secure@microsoft.com	http://www.securitytracker.com/id?1018227
secure@microsoft.com	http://www.us-cert.gov/cas/techalerts/TA07-163A.html	US Government Resource
secure@microsoft.com	http://www.vupen.com/english/advisories/2007/2150
secure@microsoft.com	https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-030
secure@microsoft.com	https://exchange.xforce.ibmcloud.com/vulnerabilities/34607
secure@microsoft.com	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1925
af854a3a-2127-422b-91ae-364da2661108	http://osvdb.org/35342
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/25619
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/471947/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/471947/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/24349
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id?1018227
af854a3a-2127-422b-91ae-364da2661108	http://www.us-cert.gov/cas/techalerts/TA07-163A.html	US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2007/2150
af854a3a-2127-422b-91ae-364da2661108	https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-030
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/34607
af854a3a-2127-422b-91ae-364da2661108	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1925

Impacted products

	Vendor	Product	Version
	microsoft	visio	2002

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:microsoft:visio:2002:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E24DF34-F4A8-4C28-9593-F019FE3E3BA2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Unspecified vulnerability in Microsoft Visio 2002 allows remote user-assisted attackers to execute arbitrary code via a Visio (.VSD, VSS, .VST) file with a crafted version number that triggers memory corruption."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad no especificada en Microsoft Visio 202 permite a atacantes remotos con la intervenci\u00f3n del usuario ejecutar c\u00f3digo de su elecci\u00f3n mediante un archivo de Visio (.VSD, .VSS, .VST) con un n\u00famero de versi\u00f3n manipulado que dispara una corrupci\u00f3n de memoria."
    }
  ],
  "id": "CVE-2007-0934",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.3,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 10.0,
        "obtainAllPrivilege": true,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2007-06-12T19:30:00.000",
  "references": [
    {
      "source": "secure@microsoft.com",
      "url": "http://osvdb.org/35342"
    },
    {
      "source": "secure@microsoft.com",
      "url": "http://secunia.com/advisories/25619"
    },
    {
      "source": "secure@microsoft.com",
      "url": "http://www.securityfocus.com/archive/1/471947/100/0/threaded"
    },
    {
      "source": "secure@microsoft.com",
      "url": "http://www.securityfocus.com/archive/1/471947/100/0/threaded"
    },
    {
      "source": "secure@microsoft.com",
      "url": "http://www.securityfocus.com/bid/24349"
    },
    {
      "source": "secure@microsoft.com",
      "url": "http://www.securitytracker.com/id?1018227"
    },
    {
      "source": "secure@microsoft.com",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA07-163A.html"
    },
    {
      "source": "secure@microsoft.com",
      "url": "http://www.vupen.com/english/advisories/2007/2150"
    },
    {
      "source": "secure@microsoft.com",
      "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-030"
    },
    {
      "source": "secure@microsoft.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34607"
    },
    {
      "source": "secure@microsoft.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1925"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/35342"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/25619"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/471947/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/471947/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/24349"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1018227"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA07-163A.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2007/2150"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-030"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34607"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1925"
    }
  ],
  "sourceIdentifier": "secure@microsoft.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

ghsa-fgq5-974g-fwrf

Vulnerability from github

Published

2022-05-01 17:48

Modified

2022-05-01 17:48

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2007-0934"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2007-06-12T19:30:00Z",
    "severity": "HIGH"
  },
  "details": "Unspecified vulnerability in Microsoft Visio 2002 allows remote user-assisted attackers to execute arbitrary code via a Visio (.VSD, VSS, .VST) file with a crafted version number that triggers memory corruption.",
  "id": "GHSA-fgq5-974g-fwrf",
  "modified": "2022-05-01T17:48:43Z",
  "published": "2022-05-01T17:48:43Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2007-0934"
    },
    {
      "type": "WEB",
      "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-030"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34607"
    },
    {
      "type": "WEB",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1925"
    },
    {
      "type": "WEB",
      "url": "http://osvdb.org/35342"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/25619"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/archive/1/471947/100/0/threaded"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/24349"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id?1018227"
    },
    {
      "type": "WEB",
      "url": "http://www.us-cert.gov/cas/techalerts/TA07-163A.html"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2007/2150"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

gsd-2007-0934

Vulnerability from gsd

Modified

2023-12-13 01:21

Details

Aliases

CVE-2007-0934

Aliases

CVE-2007-0934

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2007-0934",
    "description": "Unspecified vulnerability in Microsoft Visio 2002 allows remote user-assisted attackers to execute arbitrary code via a Visio (.VSD, VSS, .VST) file with a crafted version number that triggers memory corruption.",
    "id": "GSD-2007-0934"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2007-0934"
      ],
      "details": "Unspecified vulnerability in Microsoft Visio 2002 allows remote user-assisted attackers to execute arbitrary code via a Visio (.VSD, VSS, .VST) file with a crafted version number that triggers memory corruption.",
      "id": "GSD-2007-0934",
      "modified": "2023-12-13T01:21:35.823622Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "secure@microsoft.com",
        "ID": "CVE-2007-0934",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Unspecified vulnerability in Microsoft Visio 2002 allows remote user-assisted attackers to execute arbitrary code via a Visio (.VSD, VSS, .VST) file with a crafted version number that triggers memory corruption."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "oval:org.mitre.oval:def:1925",
            "refsource": "OVAL",
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1925"
          },
          {
            "name": "25619",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/25619"
          },
          {
            "name": "MS07-030",
            "refsource": "MS",
            "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-030"
          },
          {
            "name": "SSRT071438",
            "refsource": "HP",
            "url": "http://www.securityfocus.com/archive/1/471947/100/0/threaded"
          },
          {
            "name": "ADV-2007-2150",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2007/2150"
          },
          {
            "name": "visio-version-code-execution(34607)",
            "refsource": "XF",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34607"
          },
          {
            "name": "1018227",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id?1018227"
          },
          {
            "name": "TA07-163A",
            "refsource": "CERT",
            "url": "http://www.us-cert.gov/cas/techalerts/TA07-163A.html"
          },
          {
            "name": "24349",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/24349"
          },
          {
            "name": "35342",
            "refsource": "OSVDB",
            "url": "http://osvdb.org/35342"
          },
          {
            "name": "HPSBST02231",
            "refsource": "HP",
            "url": "http://www.securityfocus.com/archive/1/471947/100/0/threaded"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:microsoft:visio:2002:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@microsoft.com",
          "ID": "CVE-2007-0934"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Unspecified vulnerability in Microsoft Visio 2002 allows remote user-assisted attackers to execute arbitrary code via a Visio (.VSD, VSS, .VST) file with a crafted version number that triggers memory corruption."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "NVD-CWE-Other"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "TA07-163A",
              "refsource": "CERT",
              "tags": [
                "US Government Resource"
              ],
              "url": "http://www.us-cert.gov/cas/techalerts/TA07-163A.html"
            },
            {
              "name": "24349",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/24349"
            },
            {
              "name": "1018227",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://www.securitytracker.com/id?1018227"
            },
            {
              "name": "25619",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/25619"
            },
            {
              "name": "ADV-2007-2150",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2007/2150"
            },
            {
              "name": "35342",
              "refsource": "OSVDB",
              "tags": [],
              "url": "http://osvdb.org/35342"
            },
            {
              "name": "visio-version-code-execution(34607)",
              "refsource": "XF",
              "tags": [],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34607"
            },
            {
              "name": "oval:org.mitre.oval:def:1925",
              "refsource": "OVAL",
              "tags": [],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1925"
            },
            {
              "name": "MS07-030",
              "refsource": "MS",
              "tags": [],
              "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-030"
            },
            {
              "name": "SSRT071438",
              "refsource": "HP",
              "tags": [],
              "url": "http://www.securityfocus.com/archive/1/471947/100/0/threaded"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.3,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 8.6,
          "impactScore": 10.0,
          "obtainAllPrivilege": true,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": true
        }
      },
      "lastModifiedDate": "2018-10-16T16:35Z",
      "publishedDate": "2007-06-12T19:30Z"
    }
  }
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2007-0934 (GCVE-0-2007-0934)

Vulnerability from cvelistv5

fkie_cve-2007-0934

Vulnerability from fkie_nvd

ghsa-fgq5-974g-fwrf

Vulnerability from github

gsd-2007-0934

Vulnerability from gsd

Tags

Sightings

Nomenclature