QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2007-1512

Back to search

CVE-2007-1512

Published: Mar 20, 2007

Modified: Aug 7, 2024

PUBLISHED

Description

Stack-based buffer overflow in the AfxOleSetEditMenu function in the MFC component in Microsoft Windows 2000 SP4, XP SP2, and Server 2003 Gold and SP1, and Visual Studio .NET 2002 Gold and SP1, and 2003 Gold and SP1 allows user-assisted remote attackers to have an unknown impact (probably crash) via an RTF file with a malformed OLE object, which results in writing two 0x00 characters past the end of szBuffer, aka the "MFC42u.dll Off-by-Two Overflow." NOTE: this issue is due to an incomplete patch (MS07-012) for CVE-2007-0025.

VendorProductVersions

n/a

n/a

affected
n/a

References

20070316 MS07-012 Not Fixed
mailing-list
x_refsource_BUGTRAQ

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now