Zero-day Vulnerability Database

Change view

Zero-day vulnerabilities discovered: 10

Multiple vulnerabilities in Microsoft Internet Explorer
CVE-2007-5347

Memory corruption

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to an error when handling certain DHTML object methods. A remote attacker can create a specially crafted HTML page, trick the victim into visiting it and execute arbitrary code with privileges of the current user.

Successful exploitation of the vulnerability results in compromise of vulnerable system.

Note: this vulnerability is being actively exploited.

Software: Microsoft Internet Explorer

Privilege escalation in Macrovision SafeDisc driver for Microsoft Windows
CVE-2007-5587

Buffer overflow

The vulnerability allows a local user to escalation privileges on vulnerable system.

The vulnerability exists due to incorrect handling of configuration parameters within Macrovision SafeDisc SECDRV.SYS driver, shipped by default with Windows XP and Windows 2003 operating systems. A local user pass specially crafted parameters to METHOD_NEITHER IOCTL and execute arbitrary code on the target system with elevated privileges.

Successful exploitation of this vulnerability allows a local unprivileged user to elevate his privileges and gain administrative access to vulnerable system.

Note: the vulnerability is being actively exploited.

Software: Windows

Remote code execution via URI handlers in Microsoft Windows
CVE-2007-3896

OS command injection

The vulnerability allows a remote user to execute arbitrary code on the target system.

The vulnerability exists due to insufficient filtration of URIs in Shell32.dll when open applications via URL handlers (e.g. mailto:). A remote attacker can create a specially crafted URI, containing invalid sequence of % characters, trick the victim to click on it and execute arbitrary system commands with privileges of the current user.

Successful exploitation of the vulnerability results in compromise of vulnerable system.

Note: this vulnerability is being actively exploited.

Software: Windows

Remote code execution in Microsoft Word
CVE-2007-3899

Memory corruption

The vulnerability allows a remote user to execute arbitrary code on the target system.

The vulnerability exists due to boundary error when handling malformed strings in Word document. A remote attacker can create a specially crafted MS Word document, trick the victim into opening it and execute arbitrary code with privileges of the current user.

Successful exploitation of the vulnerability results in compromise of vulnerable system.

Note: this vulnerability is being actively exploited.

Software: Microsoft Word

Remote code execution in Microsoft DNS server
CVE-2007-1748

Stack-based buffer overflow

The vulnerability allows a remote user to execute arbitrary code on the target system.

The vulnerability exists due to boundary error when processing RPC requests in Microsoft Windows DNS server, which contain long zone name parameter with escaped octal strings.
A remote attacker can send a specially crafted RPC request to vulnerable DNS server, cause stack-based buffer overflow and execute arbitrary code on vulnerable system.

Successful exploitation of the vulnerability results in compromise of vulnerable system.

Note: this vulnerability is being actively exploited.

Software: Windows Server

Remote code execution in Microsoft Windows
CVE-2007-0038

Buffer overflow

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to boundary error when handling cursor, animated cursor, and icon formats. A remote attacker can create a specially crafted malicious cursor or icon file, cause buffer overflow and execute arbitrary code on vulnerable system.

Successful exploitation of the vulnerability results in compromise of vulnerable system.

Note: this vulnerability is being actively exploited.

i

This vulnerability was discovered by Alexander Sotirov of Determina and was rediscovered in the wild by McAfee.

Software: Windows

This vulnerability was discovered by Alexander Sotirov of Determina and was rediscovered in the wild by McAfee.

Remote code execution in Microsoft Word
CVE-2007-0870

Memory corruption

The vulnerability allows a remote user to execute arbitrary code on the target system.

The vulnerability exists due to boundary error when handling malformed stream in Word document. A remote attacker can create a specially crafted MS Word document, trick the victim into opening it and execute arbitrary code with privileges of the current user.

Successful exploitation of the vulnerability results in compromise of vulnerable system.

Note: this vulnerability is being actively exploited.

i

According to CERT, this vulnerability has been actively exploited in the wild before official patch release.

Software: Microsoft Word

According to CERT, this vulnerability has been actively exploited in the wild before official patch release.

Buffer overflow in Microsoft Excel
CVE-2007-0671

Buffer overflow

The vulnerability allows a remote user to execute arbitrary code on the target system.

The vulnerability exists due to boundary error when handling malformed records in Excel files. A remote attacker can create a specially crafted Excel file, trick the victim into opening it and execute arbitrary code with privileges of the current user.

Successful exploitation of the vulnerability results in compromise of vulnerable system.

Note: this vulnerability is being actively exploited.

i

The attack was reported on February 2007. The exploit dropped malware that used www.top10member.com C&C server. According to TrendMicro, the malware functionality was very similar to BKDR_SYKIPOT.B.

Software: Microsoft Excel

Known/fameous malware:

Exploit-MSExcel.h.

The attack was reported on February 2007. The exploit dropped malware that used www.top10member.com C&C server. According to TrendMicro, the malware functionality was very similar to BKDR_SYKIPOT.B.

Remote code execution in Microsoft Word
CVE-2007-0515

Buffer overflow

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability is caused by boundary error when processing malformed function in Word files. A remote attacker can create a specially crafted Word file, trick the victim into opening it and execute arbitrary code with privileges of the current user.

Successful exploitation of the vulnerability results in compromise of vulnerable system.

Note: this vulnerability is being actively exploited.


Software: Microsoft Word

Known/fameous malware:

Backdoor.Trojan Downloader
Backdoor.Pcclient.B (MCID 8260)
Backdoor.Ginwui.E (MCID 8890)
Trojan.Mdropper.W

Buffer overflow in Internet Explorer VML
CVE-2007-0024

Buffer overflow

The vulnerability allows a remote user to execute arbitrary code on the target system.

The vulnerability exists due to boundary error in Vgx.dll library when handling Vector Markup Language (VML) tags. A remote attacker can create a specially crafted web page, trick the victim into opening it and execute arbitrary code with privileges of the current user.

Successful exploitation of the vulnerability results in compromise of vulnerable system.

Note: this vulnerability is being actively exploited.

Software: Microsoft Internet Explorer