CVE-2007-0940

CVE Database · CVE-2007-0940

CVE-2007-0940

· N/AModified

CVSS v3.1

N/A

EPSS

75.68%

Published

May 8, 2007

Modified

Apr 22, 2026

Public PoC / Exploit (1)

All weaponized →

TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Unspecified vulnerability in the Cryptographic API Component Object Model Certificates ActiveX control (CAPICOM.dll) in Microsoft CAPICOM and BizTalk Server 2004 SP1 and SP2 allows remote attackers to execute arbitrary code via unspecified vectors, aka the "CAPICOM.Certificates Vulnerability."

Affected Products (3)

microsoft · biztalk_servervulnerable

microsoft · capicomvulnerable

References (20)

http://secunia.com/advisories/25185

http://www.kb.cert.org/vuls/id/866305

US Government Resource

http://www.osvdb.org/34397

http://www.securityfocus.com/archive/1/468871/100/200/threaded

http://www.securityfocus.com/bid/23782

http://www.securitytracker.com/id?1018016

http://www.securitytracker.com/id?1018017

http://www.us-cert.gov/cas/techalerts/TA07-128A.html

US Government Resource

http://www.vupen.com/english/advisories/2007/1713

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-028

https://exchange.xforce.ibmcloud.com/vulnerabilities/32739

KEV Catalog EPSS Scores Vendors All CVEs