Intrusion Prevention

MS.Speech.Engines.ActiveX.Remote.Buffer.Overflow

Description

This indicates an attempt to exploit a remote Code Execution vulnerability in a component of Microsoft Speech API 4.
The vulnerability can be exploited by constructing a specially crafted Web page. When a victim views the Web page, the vulnerability will allow remote code execution. An attacker who successfully exploits this vulnerability can take complete control of a vulnerable system.

Affected Products

Microsoft Speech API 4.

Impact

System Compromise: Remote code execution.

Recommended Actions

Apply the following update from the vendor:
http://www.microsoft.com/technet/security/bulletin/ms07-033.mspx

CVE References

CVE-2007-2222