CVE-2007-0099: CVE-2007-0099

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2007-0099

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

Race condition in the msxml3 module in Microsoft XML Core Services 3.0, as used in Internet Explorer 6 and other applications, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via many nested tags in an XML document in an IFRAME, when synchronous document rendering is frequently disrupted with asynchronous events, as demonstrated using a JavaScript timer, which can trigger NULL pointer dereferences or memory corruption, aka "MSXML Memory Corruption Vulnerability."

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

Microsoft XML Core Services竞争条件内存破坏漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Microsoft XML Core Services(MSXML)允许使用JScript、VBScript和Visual Studio 6.0的用户开发基于XML的应用，以与其他遵循XML 1.0标准的应用程序交互操作。Microsoft XML Core Services解析XML内容的方式中存在一个竞争条件错误。如果用户浏览的网页或HTML电子邮件包含有大量嵌套标签(10到1000个)，则在IFRAME中显示时JavaScript定时器会反复中断渲染进程，强制帧大约每50到100毫秒重载一次。成功利

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2007-0099

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2007-0099

Please Login to view more intelligence information

http://isc.sans.org/diary.php?storyid=2004x_refsource_MISC
http://osvdb.org/32627vdb-entryx_refsource_OSVDB
http://secunia.com/advisories/23655third-party-advisoryx_refsource_SECUNIA
http://www.securityfocus.com/bid/21872vdb-entryx_refsource_BID
http://securitytracker.com/id?1021164vdb-entryx_refsource_SECTRACK
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-069vendor-advisoryx_refsource_MS
http://www.us-cert.gov/cas/techalerts/TA08-316A.htmlthird-party-advisoryx_refsource_CERT
http://marc.info/?l=bugtraq&m=122703006921213&w=2vendor-advisoryx_refsource_HP
http://www.vupen.com/english/advisories/2008/3111vdb-entryx_refsource_VUPEN
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5793vdb-entrysignaturex_refsource_OVAL
http://seclists.org/fulldisclosure/2007/Jan/0110.htmlmailing-listx_refsource_FULLDISC
http://www.securityfocus.com/archive/1/455965/100/0/threadedmailing-listx_refsource_BUGTRAQ
http://archives.neohapsis.com/archives/fulldisclosure/2007-01/0113.htmlmailing-listx_refsource_FULLDISC
http://www.securityfocus.com/archive/1/455986/100/0/threadedmailing-listx_refsource_BUGTRAQ
http://www.securityfocus.com/archive/1/456343/100/0/threadedmailing-listx_refsource_BUGTRAQ
https://nvd.nist.gov/vuln/detail/CVE-2007-0099

New Vulnerabilities

Product: n/a

Vendor: n/a

V. Comments for CVE-2007-0099

No comments yet

Support Us — Your donation helps us keep running

I. Basic Information for CVE-2007-0099

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2007-0099

III. Intelligence Information for CVE-2007-0099

New Vulnerabilities

V. Comments for CVE-2007-0099

Leave a comment