CVE-2007-0675 - OpenCVE

A certain ActiveX control in sapi.dll (aka the Speech API) in Speech Components in Microsoft Windows Vista, when the Speech Recognition feature is enabled, allows user-assisted remote attackers to delete arbitrary files, and conduct other unauthorized activities, via a web page with an embedded sound object that contains voice commands to an enabled microphone, allowing for interaction with Windows Explorer.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity High

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:N/AC:H/Au:N/C:C/I:C/A:C

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Microsoft	Windows Vista

Configuration 1 [-]

cpe:2.3:o:microsoft:windows_vista:*:*:32_bit:*:*:*:*:*

No data.

References

Link	Providers
http://blogs.technet.com/msrc/archive/2007/01/31/issue-regarding-windows-vista-speech-recognition.aspx
http://lists.immunitysec.com/pipermail/dailydave/2007-January/004003.html
http://lists.immunitysec.com/pipermail/dailydave/2007-January/004005.html
http://lists.immunitysec.com/pipermail/dailydave/2007-January/004007.html
http://lists.immunitysec.com/pipermail/dailydave/2007-January/004012.html
http://marc.info/?l=bugtraq&m=121380194923597&w=2
http://secunia.com/advisories/30578
http://www.securityfocus.com/bid/22359
http://www.securitytracker.com/id?1020232
http://www.us-cert.gov/cas/techalerts/TA08-162B.html
http://www.vupen.com/english/advisories/2008/1779/references
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-032
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5489

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2007-02-03T01:00:00

Updated: 2024-08-07T12:26:54.299Z

Reserved: 2007-02-02T00:00:00

Link: CVE-2007-0675

Vulnrichment

No data.

NVD

Status : Modified

Published: 2007-02-03T01:28:00.000

Modified: 2018-10-12T21:42:46.720

Link: CVE-2007-0675

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2007-01-30T00:00:00", "descriptions": [{"lang": "en", "value": "A certain ActiveX control in sapi.dll (aka the Speech API) in Speech Components in Microsoft Windows Vista, when the Speech Recognition feature is enabled, allows user-assisted remote attackers to delete arbitrary files, and conduct other unauthorized activities, via a web page with an embedded sound object that contains voice commands to an enabled microphone, allowing for interaction with Windows Explorer."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-12T19:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "http://blogs.technet.com/msrc/archive/2007/01/31/issue-regarding-windows-vista-speech-recognition.aspx"}, {"name": "30578", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/30578"}, {"name": "[dailydave] 20070131 Vista speach recognition", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://lists.immunitysec.com/pipermail/dailydave/2007-January/004012.html"}, {"name": "22359", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/22359"}, {"name": "TA08-162B", "tags": ["third-party-advisory", "x_refsource_CERT"], "url": "http://www.us-cert.gov/cas/techalerts/TA08-162B.html"}, {"name": "oval:org.mitre.oval:def:5489", "tags": ["vdb-entry", "signature", "x_refsource_OVAL"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5489"}, {"name": "HPSBST02344", "tags": ["vendor-advisory", "x_refsource_HP"], "url": "http://marc.info/?l=bugtraq&m=121380194923597&w=2"}, {"name": "[dailydave] 20070130 Vista speach recognition", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://lists.immunitysec.com/pipermail/dailydave/2007-January/004007.html"}, {"name": "SSRT080087", "tags": ["vendor-advisory", "x_refsource_HP"], "url": "http://marc.info/?l=bugtraq&m=121380194923597&w=2"}, {"name": "1020232", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id?1020232"}, {"name": "ADV-2008-1779", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2008/1779/references"}, {"name": "MS08-032", "tags": ["vendor-advisory", "x_refsource_MS"], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-032"}, {"name": "[dailydave] 20070130 Vista speach recognition", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://lists.immunitysec.com/pipermail/dailydave/2007-January/004003.html"}, {"name": "[dailydave] 20070130 Vista speach recognition", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://lists.immunitysec.com/pipermail/dailydave/2007-January/004005.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2007-0675", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A certain ActiveX control in sapi.dll (aka the Speech API) in Speech Components in Microsoft Windows Vista, when the Speech Recognition feature is enabled, allows user-assisted remote attackers to delete arbitrary files, and conduct other unauthorized activities, via a web page with an embedded sound object that contains voice commands to an enabled microphone, allowing for interaction with Windows Explorer."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://blogs.technet.com/msrc/archive/2007/01/31/issue-regarding-windows-vista-speech-recognition.aspx", "refsource": "MISC", "url": "http://blogs.technet.com/msrc/archive/2007/01/31/issue-regarding-windows-vista-speech-recognition.aspx"}, {"name": "30578", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/30578"}, {"name": "[dailydave] 20070131 Vista speach recognition", "refsource": "MLIST", "url": "http://lists.immunitysec.com/pipermail/dailydave/2007-January/004012.html"}, {"name": "22359", "refsource": "BID", "url": "http://www.securityfocus.com/bid/22359"}, {"name": "TA08-162B", "refsource": "CERT", "url": "http://www.us-cert.gov/cas/techalerts/TA08-162B.html"}, {"name": "oval:org.mitre.oval:def:5489", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5489"}, {"name": "HPSBST02344", "refsource": "HP", "url": "http://marc.info/?l=bugtraq&m=121380194923597&w=2"}, {"name": "[dailydave] 20070130 Vista speach recognition", "refsource": "MLIST", "url": "http://lists.immunitysec.com/pipermail/dailydave/2007-January/004007.html"}, {"name": "SSRT080087", "refsource": "HP", "url": "http://marc.info/?l=bugtraq&m=121380194923597&w=2"}, {"name": "1020232", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1020232"}, {"name": "ADV-2008-1779", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/1779/references"}, {"name": "MS08-032", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-032"}, {"name": "[dailydave] 20070130 Vista speach recognition", "refsource": "MLIST", "url": "http://lists.immunitysec.com/pipermail/dailydave/2007-January/004003.html"}, {"name": "[dailydave] 20070130 Vista speach recognition", "refsource": "MLIST", "url": "http://lists.immunitysec.com/pipermail/dailydave/2007-January/004005.html"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T12:26:54.299Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://blogs.technet.com/msrc/archive/2007/01/31/issue-regarding-windows-vista-speech-recognition.aspx"}, {"name": "30578", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/30578"}, {"name": "[dailydave] 20070131 Vista speach recognition", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://lists.immunitysec.com/pipermail/dailydave/2007-January/004012.html"}, {"name": "22359", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/22359"}, {"name": "TA08-162B", "tags": ["third-party-advisory", "x_refsource_CERT", "x_transferred"], "url": "http://www.us-cert.gov/cas/techalerts/TA08-162B.html"}, {"name": "oval:org.mitre.oval:def:5489", "tags": ["vdb-entry", "signature", "x_refsource_OVAL", "x_transferred"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5489"}, {"name": "HPSBST02344", "tags": ["vendor-advisory", "x_refsource_HP", "x_transferred"], "url": "http://marc.info/?l=bugtraq&m=121380194923597&w=2"}, {"name": "[dailydave] 20070130 Vista speach recognition", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://lists.immunitysec.com/pipermail/dailydave/2007-January/004007.html"}, {"name": "SSRT080087", "tags": ["vendor-advisory", "x_refsource_HP", "x_transferred"], "url": "http://marc.info/?l=bugtraq&m=121380194923597&w=2"}, {"name": "1020232", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id?1020232"}, {"name": "ADV-2008-1779", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2008/1779/references"}, {"name": "MS08-032", "tags": ["vendor-advisory", "x_refsource_MS", "x_transferred"], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-032"}, {"name": "[dailydave] 20070130 Vista speach recognition", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://lists.immunitysec.com/pipermail/dailydave/2007-January/004003.html"}, {"name": "[dailydave] 20070130 Vista speach recognition", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://lists.immunitysec.com/pipermail/dailydave/2007-January/004005.html"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2007-0675", "datePublished": "2007-02-03T01:00:00", "dateReserved": "2007-02-02T00:00:00", "dateUpdated": "2024-08-07T12:26:54.299Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:32_bit:*:*:*:*:*", "matchCriteriaId": "CC3161FD-F631-405A-BE3A-0B78D5DCD7B2", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A certain ActiveX control in sapi.dll (aka the Speech API) in Speech Components in Microsoft Windows Vista, when the Speech Recognition feature is enabled, allows user-assisted remote attackers to delete arbitrary files, and conduct other unauthorized activities, via a web page with an embedded sound object that contains voice commands to an enabled microphone, allowing for interaction with Windows Explorer."}, {"lang": "es", "value": "Un cierto control ActiveX en la biblioteca sapi.dll (tambi\u00e9n se conoce como la API Speech) en Speech Components en Microsoft Windows Vista, cuando la funcionalidad Speech Recognition est\u00e1 habilitada, permite a atacantes remotos asistidos por el usuario eliminar archivos arbitrarios y realizar otras actividades no autorizadas, por medio de una p\u00e1gina web con un objeto de sonido integrado que contiene comandos de voz en un micr\u00f3fono habilitado, lo que permite la interacci\u00f3n con el Explorador de Windows."}], "id": "CVE-2007-0675", "lastModified": "2018-10-12T21:42:46.720", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.6, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 4.9, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}]}, "published": "2007-02-03T01:28:00.000", "references": [{"source": "cve@mitre.org", "url": "http://blogs.technet.com/msrc/archive/2007/01/31/issue-regarding-windows-vista-speech-recognition.aspx"}, {"source": "cve@mitre.org", "url": "http://lists.immunitysec.com/pipermail/dailydave/2007-January/004003.html"}, {"source": "cve@mitre.org", "url": "http://lists.immunitysec.com/pipermail/dailydave/2007-January/004005.html"}, {"source": "cve@mitre.org", "url": "http://lists.immunitysec.com/pipermail/dailydave/2007-January/004007.html"}, {"source": "cve@mitre.org", "url": "http://lists.immunitysec.com/pipermail/dailydave/2007-January/004012.html"}, {"source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq&m=121380194923597&w=2"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/30578"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/22359"}, {"source": "cve@mitre.org", "url": "http://www.securitytracker.com/id?1020232"}, {"source": "cve@mitre.org", "tags": ["US Government Resource"], "url": "http://www.us-cert.gov/cas/techalerts/TA08-162B.html"}, {"source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2008/1779/references"}, {"source": "cve@mitre.org", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-032"}, {"source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5489"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-94"}], "source": "nvd@nist.gov", "type": "Primary"}]}