| ID |
CVE-2007-2218
|
| Summary |
Unspecified vulnerability in the Windows Schannel Security Package for Microsoft Windows 2000 SP4, XP SP2, and Server 2003 SP1 and SP2, allows remote servers to execute arbitrary code or cause a denial of service via crafted digital signatures that are processed during an SSL handshake. |
| References |
|
| Vulnerable Configurations |
-
cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*
-
cpe:2.3:o:microsoft:windows_2003_server:sp1:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_2003_server:sp1:*:*:*:*:*:*:*
-
cpe:2.3:o:microsoft:windows_2003_server:sp2:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_2003_server:sp2:*:*:*:*:*:*:*
-
cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*
|
| CVSS |
| Base: | 9.3 (as of 16-10-2018 - 16:42) |
| Impact: | |
| Exploitability: | |
|
| CWE |
NVD-CWE-Other |
| CAPEC |
|
| Access |
| Vector | Complexity | Authentication |
| NETWORK |
MEDIUM |
NONE |
|
| Impact |
| Confidentiality | Integrity | Availability |
| COMPLETE |
COMPLETE |
COMPLETE |
|
| cvss-vector
via4
|
AV:N/AC:M/Au:N/C:C/I:C/A:C
|
| oval
via4
|
| accepted | 2012-09-10T04:00:42.686-04:00 | | class | vulnerability | | contributors | | name | Robert L. Hollis | | organization | ThreatGuard, Inc. |
| name | Chandan S | | organization | SecPod Technologies |
| | definition_extensions | | comment | Microsoft Windows 2000 SP4 or later is installed | | oval | oval:org.mitre.oval:def:229 |
| comment | Microsoft Windows XP SP2 or later is installed | | oval | oval:org.mitre.oval:def:521 |
| comment | Microsoft Windows XP SP1 (64-bit) is installed | | oval | oval:org.mitre.oval:def:480 |
| comment | Microsoft Windows XP x64 Edition SP2 is installed | | oval | oval:org.mitre.oval:def:4193 |
| comment | Microsoft Windows Server 2003 SP1 (x86) is installed | | oval | oval:org.mitre.oval:def:565 |
| comment | Microsoft Windows Server 2003 SP2 (x86) is installed | | oval | oval:org.mitre.oval:def:1935 |
| | description | Unspecified vulnerability in the Windows Schannel Security Package for Microsoft Windows 2000 SP4, XP SP2, and Server 2003 SP1 and SP2, allows remote servers to execute arbitrary code or cause a denial of service via crafted digital signatures that are processed during an SSL handshake. | | family | windows | | id | oval:org.mitre.oval:def:1895 | | status | accepted | | submitted | 2007-06-12T03:29:54.000-04:00 | | title | Windows Security Channel Remote Execution Vulnerability | | version | 74 |
|
| refmap
via4
|
| bid | 24416 | | cert | TA07-163A | | cert-vn | VU#810073 | | hp | | | sectrack | 1018226 | | secunia | 25620 | | vupen | ADV-2007-2151 |
|
| Last major update |
16-10-2018 - 16:42 |
| Published |
12-06-2007 - 19:30 |
| Last modified |
16-10-2018 - 16:42 |
