CVE-2007-6255
Microsoft Windows - Remote Code Execution via HeartbeatCtl ActiveX Host Argument Overflow
Title source: llmDescription
Buffer overflow in the Microsoft HeartbeatCtl ActiveX control in HRTBEAT.OCX allows remote attackers to execute arbitrary code via the Host argument to an unspecified method.
References (5)
Core 5
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/28882
Broken Link vdb-entry
x_refsource_osvdb
http://osvdb.org/44652
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/41940
Vendor Advisory vendor-advisory
x_refsource_ms
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-069
Third Party Advisory, US Government Resource third-party-advisory
x_refsource_cert-vn
http://www.kb.cert.org/vuls/id/570089
Scores
EPSS
0.3018
EPSS Percentile
98.0%
Details
CWE
CWE-119
Status
published
Products (4)
microsoft/windows_2000
microsoft/windows_server_2003
(6 CPE variants)
microsoft/windows_vista
(2 CPE variants)
microsoft/windows_xp
(5 CPE variants)
Published
Apr 23, 2008
Tracked Since
Feb 18, 2026