|
|
CVE Reference: CVE-2007-0039 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2007-0039 |
|
|
Description: The Exchange Collaboration Data Objects (EXCDO) functionality in Microsoft Exchange Server 2000 SP3, 2003 SP1 and SP2, and 2007 allows remote attackers to cause a denial of service (crash) via an Internet Calendar (iCal) file containing multiple X-MICROSOFT-CDO-MODPROPS (MODPROPS) properties in which the second MODPROPS is longer than the first, which triggers a NULL pointer dereference and an unhandled exception. |
|
|
CVE Status: Candidate |
|
|
References: XF http://xforce.iss.net/xforce/xfdb/33888 ST 1018015 SAID Secunia Advisory: SA25183 OVAL http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:1593 OSVDB 34390 MS http://www.microsoft.com/technet/security/bulletin/ms07-026.mspx MISC http://www.determina.com/security.research/vulnerabilities/exchange-ical-modprops.html HP http://www.securityfocus.com/archive/1/archive/1/468871/100/200/threaded FULLDISC http://lists.grok.org.uk/pipermail/full-disclosure/2007-May/063232.html CERT http://www.us-cert.gov/cas/techalerts/TA07-128A.html BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/468047/100/0/threaded BID 23808 |
|
| Return to the previous page. |
