CVE-2007-3897

N/A Unknown
Published: October 09, 2007 Modified: April 23, 2026
View on NVD

Description

Heap-based buffer overflow in Microsoft Outlook Express 6 and earlier, and Windows Mail for Vista, allows remote Network News Transfer Protocol (NNTP) servers to execute arbitrary code via long NNTP responses that trigger memory corruption.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=607
Source: secure@microsoft.com
Broken Link
http://secunia.com/advisories/27112
Source: secure@microsoft.com
Third Party Advisory
http://securitytracker.com/id?1018785
Source: secure@microsoft.com
Third Party Advisory VDB Entry
http://securitytracker.com/id?1018786
Source: secure@microsoft.com
Third Party Advisory VDB Entry
http://www.securityfocus.com/archive/1/481983/100/100/threaded
Source: secure@microsoft.com
Third Party Advisory VDB Entry
http://www.securityfocus.com/archive/1/482366/100/0/threaded
Source: secure@microsoft.com
Third Party Advisory VDB Entry
http://www.securityfocus.com/bid/25908
Source: secure@microsoft.com
Third Party Advisory VDB Entry
http://www.us-cert.gov/cas/techalerts/TA07-282A.html
Source: secure@microsoft.com
Third Party Advisory US Government Resource
http://www.vupen.com/english/advisories/2007/3436
Source: secure@microsoft.com
Permissions Required Third Party Advisory
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-056
Source: secure@microsoft.com
Patch Vendor Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1706
Source: secure@microsoft.com
Third Party Advisory
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=607
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
http://secunia.com/advisories/27112
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://securitytracker.com/id?1018785
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory VDB Entry
http://securitytracker.com/id?1018786
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory VDB Entry
http://www.securityfocus.com/archive/1/481983/100/100/threaded
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory VDB Entry
http://www.securityfocus.com/archive/1/482366/100/0/threaded
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory VDB Entry
http://www.securityfocus.com/bid/25908
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory VDB Entry
http://www.us-cert.gov/cas/techalerts/TA07-282A.html
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory US Government Resource
http://www.vupen.com/english/advisories/2007/3436
Source: af854a3a-2127-422b-91ae-364da2661108
Permissions Required Third Party Advisory
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-056
Source: af854a3a-2127-422b-91ae-364da2661108
Patch Vendor Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1706
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory

22 reference(s) from NVD

Quick Stats

CVSS v3 Score
N/A / 10.0
EPSS (Exploit Probability)
54.6%
99th percentile
Exploitation Status
Not in CISA KEV

Weaknesses (CWE)

CWE-119

Affected Vendors

microsoft

Related CVEs

CVE-2026-40941 N/A
CVE-2026-40084 6.5
CVE-2026-40083 7.2
CVE-2026-40082 5.4
CVE-2026-40080 6.1