CVE-2007-3039

Microsoft Message Queuing - Memory Corruption

Title source: rule

Description

Stack-based buffer overflow in the Microsoft Message Queuing (MSMQ) service in Microsoft Windows 2000 Server SP4, Windows 2000 Professional SP4, and Windows XP SP2 allows attackers to execute arbitrary code via a long string in an opnum 0x06 RPC call to port 2103. NOTE: this is remotely exploitable on Windows 2000 Server.

Exploits (5)

exploitdb WORKING POC VERIFIED
by Metasploit · rubyremotewindows
https://www.exploit-db.com/exploits/16750
exploitdb WORKING POC VERIFIED
by Marcin Kozlowski · cremotewindows
https://www.exploit-db.com/exploits/4934
exploitdb WORKING POC VERIFIED
by Andres Tarasco · textremotewindows
https://www.exploit-db.com/exploits/4760
exploitdb WORKING POC VERIFIED
by axis · c++remotewindows
https://www.exploit-db.com/exploits/4745
metasploit WORKING POC GOOD
by hdm · rubypocwin
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/dcerpc/ms07_065_msmq.rb

References (14)

Scores

EPSS 0.8339
EPSS Percentile 99.3%

Details

CWE
CWE-119
Status published
Products (1)
microsoft/message_queuing
Published Dec 12, 2007
Tracked Since Feb 18, 2026