cvelistv5 - cve-2007-0675

CVE-2007-0675 (GCVE-0-2007-0675)

Vulnerability from cvelistv5

Published

2007-02-03 01:00

Modified

2024-08-07 12:26

Severity ?

CWE

Summary

A certain ActiveX control in sapi.dll (aka the Speech API) in Speech Components in Microsoft Windows Vista, when the Speech Recognition feature is enabled, allows user-assisted remote attackers to delete arbitrary files, and conduct other unauthorized activities, via a web page with an embedded sound object that contains voice commands to an enabled microphone, allowing for interaction with Windows Explorer.

References

URL

Tags

	http://blogs.technet.com/msrc/archive/2007/01/31/issue-regarding-windows-vista-speech-recognition.aspx	x_refsource_MISC
	http://secunia.com/advisories/30578	third-party-advisory, x_refsource_SECUNIA
	http://lists.immunitysec.com/pipermail/dailydave/2007-January/004012.html	mailing-list, x_refsource_MLIST
	http://www.securityfocus.com/bid/22359	vdb-entry, x_refsource_BID
	http://www.us-cert.gov/cas/techalerts/TA08-162B.html	third-party-advisory, x_refsource_CERT
	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5489	vdb-entry, signature, x_refsource_OVAL
	http://marc.info/?l=bugtraq&m=121380194923597&w=2	vendor-advisory, x_refsource_HP
	http://lists.immunitysec.com/pipermail/dailydave/2007-January/004007.html	mailing-list, x_refsource_MLIST
	http://marc.info/?l=bugtraq&m=121380194923597&w=2	vendor-advisory, x_refsource_HP
	http://www.securitytracker.com/id?1020232	vdb-entry, x_refsource_SECTRACK
	http://www.vupen.com/english/advisories/2008/1779/references	vdb-entry, x_refsource_VUPEN
	https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-032	vendor-advisory, x_refsource_MS
	http://lists.immunitysec.com/pipermail/dailydave/2007-January/004003.html	mailing-list, x_refsource_MLIST
	http://lists.immunitysec.com/pipermail/dailydave/2007-January/004005.html	mailing-list, x_refsource_MLIST

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T12:26:54.299Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://blogs.technet.com/msrc/archive/2007/01/31/issue-regarding-windows-vista-speech-recognition.aspx"
          },
          {
            "name": "30578",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/30578"
          },
          {
            "name": "[dailydave] 20070131 Vista speach recognition",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://lists.immunitysec.com/pipermail/dailydave/2007-January/004012.html"
          },
          {
            "name": "22359",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/22359"
          },
          {
            "name": "TA08-162B",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT",
              "x_transferred"
            ],
            "url": "http://www.us-cert.gov/cas/techalerts/TA08-162B.html"
          },
          {
            "name": "oval:org.mitre.oval:def:5489",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5489"
          },
          {
            "name": "HPSBST02344",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=121380194923597\u0026w=2"
          },
          {
            "name": "[dailydave] 20070130 Vista speach recognition",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://lists.immunitysec.com/pipermail/dailydave/2007-January/004007.html"
          },
          {
            "name": "SSRT080087",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=121380194923597\u0026w=2"
          },
          {
            "name": "1020232",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1020232"
          },
          {
            "name": "ADV-2008-1779",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2008/1779/references"
          },
          {
            "name": "MS08-032",
            "tags": [
              "vendor-advisory",
              "x_refsource_MS",
              "x_transferred"
            ],
            "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-032"
          },
          {
            "name": "[dailydave] 20070130 Vista speach recognition",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://lists.immunitysec.com/pipermail/dailydave/2007-January/004003.html"
          },
          {
            "name": "[dailydave] 20070130 Vista speach recognition",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://lists.immunitysec.com/pipermail/dailydave/2007-January/004005.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2007-01-30T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A certain ActiveX control in sapi.dll (aka the Speech API) in Speech Components in Microsoft Windows Vista, when the Speech Recognition feature is enabled, allows user-assisted remote attackers to delete arbitrary files, and conduct other unauthorized activities, via a web page with an embedded sound object that contains voice commands to an enabled microphone, allowing for interaction with Windows Explorer."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-12T19:57:01.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://blogs.technet.com/msrc/archive/2007/01/31/issue-regarding-windows-vista-speech-recognition.aspx"
        },
        {
          "name": "30578",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/30578"
        },
        {
          "name": "[dailydave] 20070131 Vista speach recognition",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://lists.immunitysec.com/pipermail/dailydave/2007-January/004012.html"
        },
        {
          "name": "22359",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/22359"
        },
        {
          "name": "TA08-162B",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT"
          ],
          "url": "http://www.us-cert.gov/cas/techalerts/TA08-162B.html"
        },
        {
          "name": "oval:org.mitre.oval:def:5489",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5489"
        },
        {
          "name": "HPSBST02344",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=121380194923597\u0026w=2"
        },
        {
          "name": "[dailydave] 20070130 Vista speach recognition",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://lists.immunitysec.com/pipermail/dailydave/2007-January/004007.html"
        },
        {
          "name": "SSRT080087",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=121380194923597\u0026w=2"
        },
        {
          "name": "1020232",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1020232"
        },
        {
          "name": "ADV-2008-1779",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2008/1779/references"
        },
        {
          "name": "MS08-032",
          "tags": [
            "vendor-advisory",
            "x_refsource_MS"
          ],
          "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-032"
        },
        {
          "name": "[dailydave] 20070130 Vista speach recognition",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://lists.immunitysec.com/pipermail/dailydave/2007-January/004003.html"
        },
        {
          "name": "[dailydave] 20070130 Vista speach recognition",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://lists.immunitysec.com/pipermail/dailydave/2007-January/004005.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2007-0675",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A certain ActiveX control in sapi.dll (aka the Speech API) in Speech Components in Microsoft Windows Vista, when the Speech Recognition feature is enabled, allows user-assisted remote attackers to delete arbitrary files, and conduct other unauthorized activities, via a web page with an embedded sound object that contains voice commands to an enabled microphone, allowing for interaction with Windows Explorer."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://blogs.technet.com/msrc/archive/2007/01/31/issue-regarding-windows-vista-speech-recognition.aspx",
              "refsource": "MISC",
              "url": "http://blogs.technet.com/msrc/archive/2007/01/31/issue-regarding-windows-vista-speech-recognition.aspx"
            },
            {
              "name": "30578",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/30578"
            },
            {
              "name": "[dailydave] 20070131 Vista speach recognition",
              "refsource": "MLIST",
              "url": "http://lists.immunitysec.com/pipermail/dailydave/2007-January/004012.html"
            },
            {
              "name": "22359",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/22359"
            },
            {
              "name": "TA08-162B",
              "refsource": "CERT",
              "url": "http://www.us-cert.gov/cas/techalerts/TA08-162B.html"
            },
            {
              "name": "oval:org.mitre.oval:def:5489",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5489"
            },
            {
              "name": "HPSBST02344",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=121380194923597\u0026w=2"
            },
            {
              "name": "[dailydave] 20070130 Vista speach recognition",
              "refsource": "MLIST",
              "url": "http://lists.immunitysec.com/pipermail/dailydave/2007-January/004007.html"
            },
            {
              "name": "SSRT080087",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=121380194923597\u0026w=2"
            },
            {
              "name": "1020232",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1020232"
            },
            {
              "name": "ADV-2008-1779",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2008/1779/references"
            },
            {
              "name": "MS08-032",
              "refsource": "MS",
              "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-032"
            },
            {
              "name": "[dailydave] 20070130 Vista speach recognition",
              "refsource": "MLIST",
              "url": "http://lists.immunitysec.com/pipermail/dailydave/2007-January/004003.html"
            },
            {
              "name": "[dailydave] 20070130 Vista speach recognition",
              "refsource": "MLIST",
              "url": "http://lists.immunitysec.com/pipermail/dailydave/2007-January/004005.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2007-0675",
    "datePublished": "2007-02-03T01:00:00.000Z",
    "dateReserved": "2007-02-02T00:00:00.000Z",
    "dateUpdated": "2024-08-07T12:26:54.299Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CERTA-2008-AVI-308

Vulnerability from certfr_avis

Une vulnérabilité a été identifiée dans la mise en œuvre de l'interface de reconnaissance vocale Windows. Elle avait fait l'objet d'un article dans le bulletin d'actualité CERTA-2007-ACT-005. Il s'agit ici d'une mise à jour cumulative.

Description

Une vulnérabilité a été identifiée dans la mise en œuvre de l'interface de reconnaissance vocale Windows. Elle avait fait l'objet d'un article dans le bulletin d'actualité CERTA-2007-ACT-005.

Il s'agit ici d'une mise à jour cumulative qui consiste à activer le kill bit de certains contrôles ActiveX liés à la reconnaissance vocale sous Windows (en particulier sapi.dll).

Le service de reconnaissance vocale n'est pas activé par défaut.

Solution

Se référer au bulletin de sécurité MS08-032 de Microsoft pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Microsoft	Windows	Windows 2003 Server (SP1 et SP2) pour systèmes Itanium ;
Microsoft	Windows	Windows Vista x64 Edition ;
Microsoft	Windows	Windows XP x64 Edition ;
Microsoft	Windows	Windows XP Service Pack 2 ;
Microsoft	Windows	Windows 2003 Server x64 Edition Service Pack 2 ;
Microsoft	Windows	Windows 2003 Server x64 Edition ;
Microsoft	Windows	Windows Vista x64 Edition Service Pack 1 ;
Microsoft	Windows	Windows 2008 Server (pour systèmes 32-bit, x64 et Itanium).
Microsoft	Windows	Windows XP Service Pack 3 ;
Microsoft	Windows	Windows 2003 Server Service Pack 2 ;
Microsoft	Windows	Windows Vista Service Pack 1 ;
Microsoft	Windows	Windows XP x64 Edition Service Pack 2 ;
Microsoft	Windows	Windows Vista ;
Microsoft	Windows	Windows 2003 Server Service Pack 1 ;

References

Title

Publication Time

Tags

Bulletin de sécurité Microsoft MS08-032 du 10 juin 2008	None	vendor-advisory
Bulletin d'actualité CERTA-2007-ACT-005 du 02 février 2007, « La reconnaissance vocale sous Windows Vista » :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Windows 2003 Server (SP1 et SP2) pour syst\u00e8mes Itanium ;",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Vista x64 Edition ;",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows XP x64 Edition ;",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows XP Service Pack 2 ;",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 2003 Server x64 Edition Service Pack 2 ;",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 2003 Server x64 Edition ;",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Vista x64 Edition Service Pack 1 ;",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 2008 Server (pour syst\u00e8mes 32-bit, x64 et Itanium).",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows XP Service Pack 3 ;",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 2003 Server Service Pack 2 ;",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Vista Service Pack 1 ;",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows XP x64 Edition Service Pack 2 ;",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Vista ;",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 2003 Server Service Pack 1 ;",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Description\n\nUne vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 identifi\u00e9e dans la mise en \u0153uvre de l\u0027interface\nde reconnaissance vocale Windows. Elle avait fait l\u0027objet d\u0027un article\ndans le bulletin d\u0027actualit\u00e9 CERTA-2007-ACT-005.\n\nIl s\u0027agit ici d\u0027une mise \u00e0 jour cumulative qui consiste \u00e0 activer le\nkill bit de certains contr\u00f4les ActiveX li\u00e9s \u00e0 la reconnaissance vocale\nsous Windows (en particulier sapi.dll).\n\nLe service de reconnaissance vocale n\u0027est pas activ\u00e9 par d\u00e9faut.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 MS08-032 de Microsoft pour\nl\u0027obtention des correctifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2007-0675",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-0675"
    }
  ],
  "initial_release_date": "2008-06-11T00:00:00",
  "last_revision_date": "2008-06-11T00:00:00",
  "links": [
    {
      "title": "Bulletin d\u0027actualit\u00e9 CERTA-2007-ACT-005 du 02 f\u00e9vrier 2007,    \u00ab La reconnaissance vocale sous Windows Vista \u00bb :",
      "url": "http://www.certa.ssi.gouv.fr/site/CERTA-2007-ACT-005.pdf"
    }
  ],
  "reference": "CERTA-2008-AVI-308",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2008-06-11T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    }
  ],
  "summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 identifi\u00e9e dans la mise en \u0153uvre de l\u0027interface\nde reconnaissance vocale Windows. Elle avait fait l\u0027objet d\u0027un article\ndans le bulletin d\u0027actualit\u00e9 CERTA-2007-ACT-005. Il s\u0027agit ici d\u0027une\nmise \u00e0 jour cumulative.\n",
  "title": "Vuln\u00e9rabilit\u00e9 li\u00e9e au service de reconnaissance vocale Windows",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft MS08-032 du 10 juin 2008",
      "url": "http://www.microsoft.com/technet/security/Bulletin/MS08-032.mspx"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2007-0675 (GCVE-0-2007-0675)

Vulnerability from cvelistv5

CERTA-2008-AVI-308

Vulnerability from certfr_avis

Description

Solution

Tags

Sightings

Nomenclature