<< Back
CVE Number Vulnerability Product Severity Date
MS07-028 Vulnerability in CAPICOM Could Allow Remote Code Execution (931906) CAPICOM Critical 09-05-2007

Technical Information

Brief overview of the risk:
A remote code execution vulnerability exists in Cryptographic API Component Object Model (CAPICOM) that could allow an attacker who successfully exploited this vulnerability to take complete control of the affected system.
Detailed Information on the risk:
This bulletin covers a remote code execution vulnerability in Capicom, which is an ActiveX scriptable COM object wrapper for the Microsoft Crypto API. The vulnerability occurs due to a bad pointer dereference.Further information on this exploit is available at : MS07-028

Affected Software

CAPICOM
Platform SDK Redistributable: CAPICOM
BizTalk Server 2004 Service Pack 1