Vulnerabilities > CVE-2007-2496 - Multiple vulnerability in Office OCX Word Viewer OCX 3.2.0.5

CVSS 7.8 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

COMPLETE

network

low complexity

office-ocx

exploit available

NVD

Published: 2007-05-04

Updated: 2017-07-29

Summary

The WordOCX ActiveX control in WordViewer.ocx 3.2.0.5 allows remote attackers to cause a denial of service (Internet Explorer 7 crash) via a long (1) DoOleCommand, (2) FTPDownloadFile, (3) FTPUploadFile, (4) HttpUploadFile, (5) GotoPage, (6) Save, (7) SaveWebFile, (8) HttpDownloadFile, (9) Open, (10) OpenWebFile, (11) SaveAs, or (12) ShowWordStandardDialog property value.

Vulnerable Configurations

Part	Description	Count
Application	Office_Ocx Office OCX Word Viewer OCX 3.2.0.5	1

Exploit-Db

description	Word Viewer OCX 3.2 Remote Denial of Service Exploit. CVE-2007-2496. Dos exploit for windows platform
id	EDB-ID:3836
last seen	2016-01-31
modified	2007-05-03
published	2007-05-03
reporter	shinnai
source	https://www.exploit-db.com/download/3836/
title	Word Viewer OCX 3.2 - Remote Denial of Service Exploit

Summary

Vulnerable Configurations

Exploit-Db

References