CVE-2007-2223
Microsoft Xml Core Services - Integer Overflow
Title source: ruleDescription
Microsoft XML Core Services (MSXML) 3.0 through 6.0 allows remote attackers to execute arbitrary code via the substringData method on a (1) TextNode or (2) XMLDOM object, which causes an integer overflow that leads to a buffer overflow.
Exploits (1)
exploitdb
STUB
VERIFIED
by anonymous · javascriptremotewindows
https://www.exploit-db.com/exploits/30493
References (11)
Scores
EPSS
0.6850
EPSS Percentile
98.6%
Details
CWE
CWE-119
CWE-190
Status
published
Products (4)
microsoft/xml_core_services
3.0
microsoft/xml_core_services
4.0
microsoft/xml_core_services
6.0
microsoft/xml_core_services
5.0
Published
Aug 14, 2007
Tracked Since
Feb 18, 2026