CVE-2007-0940

Severity

93%

Complexity

86%

Confidentiality

165%

Unspecified vulnerability in the Cryptographic API Component Object Model Certificates ActiveX control (CAPICOM.dll) in Microsoft CAPICOM and BizTalk Server 2004 SP1 and SP2 allows remote attackers to execute arbitrary code via unspecified vectors, aka the "CAPICOM.Certificates Vulnerability."

Unspecified vulnerability in the Cryptographic API Component Object Model Certificates ActiveX control (CAPICOM.dll) in Microsoft CAPICOM and BizTalk Server 2004 SP1 and SP2 allows remote attackers to execute arbitrary code via unspecified vectors, aka the "CAPICOM.Certificates Vulnerability."

CVSS 2.0 Base Score 9.3. CVSS Attack Vector: network. CVSS Attack Complexity: medium. CVSS Vector: (AV:N/AC:M/Au:N/C:C/I:C/A:C).

Overview

Type

Microsoft

First reported 17 years ago

2007-05-08 23:19:00

Last updated 6 years ago

2018-10-16 16:35:00

Affected Software

Microsoft Biztalk Server 2004 Service Pack 1

2004

Microsoft Biztalk Server 2004 Service Pack 2

2004

Microsoft CAPICOM

References

25185

VU#866305

US Government Resource

34397

HPSBST02214

23782

1018016

1018017

TA07-128A

US Government Resource

ADV-2007-1713

MS07-028

ms-capicom-code-execution(32739)

oval:org.mitre.oval:def:1670

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.