CVE-2007-2222

Microsoft Internet Explorer - Memory Corruption

Title source: rule

Description

Multiple buffer overflows in the (1) ActiveListen (Xlisten.dll) and (2) ActiveVoice (Xvoice.dll) speech controls, as used by Microsoft Internet Explorer 5.01, 6, and 7, allow remote attackers to execute arbitrary code via a crafted ActiveX object that triggers memory corruption, as demonstrated via the ModeName parameter to the FindEngine function in ACTIVEVOICEPROJECTLib.DirectSS.

Exploits (2)

exploitdb WORKING POC VERIFIED

by rgod · htmlremotewindows

https://www.exploit-db.com/exploits/4066

View Code ZIP pw:eip

exploitdb WORKING POC VERIFIED

by rgod · htmlremotewindows

https://www.exploit-db.com/exploits/4065

View Code ZIP pw:eip

References (14)

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/34630

[Third Party Advisory, VDB Entry] http://osvdb.org/35353

[US Government Resource] http://www.kb.cert.org/vuls/id/507433

[Vendor Advisory] http://secunia.com/advisories/25627

[Exploit, Third Party Advisory] http://www.exploit-db.com/exploits/4065

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/archive/1/471947/100/0/threaded

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/24426

[Third Party Advisory, VDB Entry] http://securitytracker.com/id?1018235

[Various Sources] http://retrogod.altervista.org/win_speech_2k_sp4.html

[Vendor Advisory] http://www.vupen.com/english/advisories/2007/2153

[US Government Resource] http://www.us-cert.gov/cas/techalerts/TA07-163A.html

[Third Party Advisory, VDB Entry] https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2031

[Various Sources] http://retrogod.altervista.org/win_speech_xp_sp2.html

[Vendor Advisory] https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-033

Scores

EPSS 0.6361

EPSS Percentile 98.4%

Details

CWE

CWE-119

Status published

Products (3)

microsoft/internet_explorer 5.01 sp4

microsoft/internet_explorer 6 sp1 (2 CPE variants)

microsoft/internet_explorer 7.0

Published Jun 12, 2007

Tracked Since Feb 18, 2026