VYPR
Unrated severityNVD Advisory· Published May 8, 2007· Updated Jun 16, 2026

CVE-2007-0039

CVE-2007-0039

Description

The Exchange Collaboration Data Objects (EXCDO) functionality in Microsoft Exchange Server 2000 SP3, 2003 SP1 and SP2, and 2007 allows remote attackers to cause a denial of service (crash) via an Internet Calendar (iCal) file containing multiple X-MICROSOFT-CDO-MODPROPS (MODPROPS) properties in which the second MODPROPS is longer than the first, which triggers a NULL pointer dereference and an unhandled exception.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

5
  • cpe:2.3:a:microsoft:exchange_server:2000:sp3:*:*:*:*:*:*+ 4 more
    • cpe:2.3:a:microsoft:exchange_server:2000:sp3:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:exchange_server:2003:sp1:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:exchange_server:2003:sp2:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:exchange_server:2007:-:*:*:*:*:*:*
    • (no CPE)range: 2000 SP3, 2003 SP1, 2003 SP2, 2007

Patches

Vulnerability mechanics

References

13

News mentions

0

No linked articles in our index yet.