QwikSec

Security Database

CVE

CWE

Training

CVE-2007-0039

Published: May 8, 2007

Modified: Aug 7, 2024

PUBLISHED

Description

The Exchange Collaboration Data Objects (EXCDO) functionality in Microsoft Exchange Server 2000 SP3, 2003 SP1 and SP2, and 2007 allows remote attackers to cause a denial of service (crash) via an Internet Calendar (iCal) file containing multiple X-MICROSOFT-CDO-MODPROPS (MODPROPS) properties in which the second MODPROPS is longer than the first, which triggers a NULL pointer dereference and an unhandled exception.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

20070508 Exchange Calendar MODPROPS Denial of Service (CVE-2007-0039)

mailing-list

x_refsource_BUGTRAQ

vendor-advisory

x_refsource_HP

vdb-entry

x_refsource_SECTRACK

vendor-advisory

x_refsource_MS

vdb-entry

x_refsource_OSVDB

vendor-advisory

x_refsource_HP

oval:org.mitre.oval:def:1593

vdb-entry

signature

x_refsource_OVAL

third-party-advisory

x_refsource_SECUNIA

third-party-advisory

x_refsource_CERT

exchange-ical-dos(33888)

vdb-entry

x_refsource_XF

vdb-entry

x_refsource_VUPEN

http://www.determina.com/security.research/vulnerabilities/exchange-ical-modprops.html

x_refsource_MISC

vdb-entry

x_refsource_BID

20070509 Exchange Calendar MODPROPS Denial of Service (CVE-2007-0039)

mailing-list

x_refsource_FULLDISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.