CVE-2007-2223

Name of the Vulnerable Software and Affected Versions Microsoft XML Core Services (MSXML) versions 3.0 through 6.0

Description A remote code execution issue exists, allowing attackers to execute arbitrary code via the substringData method on a TextNode or XMLDOM object, leading to an integer overflow and buffer overflow. This could enable an attacker to make changes to the system with the permissions of the logged-on user. If the user has administrative rights, the attacker could gain complete control of the system, allowing them to install programs, view, change, or delete data, or create new accounts with full user rights.

Recommendations For Microsoft XML Core Services (MSXML) versions 3.0 through 6.0, update to a version outside of this range to resolve the issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.