Release DateJun 13, 2007 |
Severitylow |
ImpactSystem Compromise: remote code execution. |
DescriptionThis indicates an attempt to exploit a remote code execution vulnerability in a component of Microsoft Speech API 4.An attacker can exploit the vulnerability by constructing a specially crafted Web page. When a victim views the Web page, the vulnerability will allow remote code execution. An attacker who successfully exploits this vulnerability can take complete control of a vulnerable system. |
Affected ProductsMicrosoft Speech API 4. |
Recommended ActionsApply the update from http://www.microsoft.com/technet/security/bulletin/ms07-033.mspx |
Coverage IPS
VCM |
Common Vulnerabilities and Exposures (CVE)CVE-2007-2222 |
Reference/shttp://www.milw0rm.com/exploits/4066http://technet.microsoft.com/en-us/security/bulletin/MS07-033.mspx (MS-ID) http://www.frsirt.com/english/advisories/2007/2153 (FrSIRT) http://www.milw0rm.com/exploits/4065 http://milw0rm.org/exploits/5087 |
