CVE-2007-2496

EXPLOITED

WordViewer.ocx 3.2.0.5 - DoS

Title source: llm

Description

The WordOCX ActiveX control in WordViewer.ocx 3.2.0.5 allows remote attackers to cause a denial of service (Internet Explorer 7 crash) via a long (1) DoOleCommand, (2) FTPDownloadFile, (3) FTPUploadFile, (4) HttpUploadFile, (5) GotoPage, (6) Save, (7) SaveWebFile, (8) HttpDownloadFile, (9) Open, (10) OpenWebFile, (11) SaveAs, or (12) ShowWordStandardDialog property value.

Exploits (1)

exploitdb WORKING POC VERIFIED
by shinnai · htmldoswindows
https://www.exploit-db.com/exploits/3836

References (6)

Scores

EPSS 0.0736
EPSS Percentile 91.7%

Details

VulnCheck KEV 2010-05-01
Status published
Products (1)
office_ocx/word_viewer_ocx 3.2.0.5
Published May 04, 2007
Tracked Since Feb 18, 2026