CVE-2007-1749 : Detail

The EPSS model produces a probability score between 0 and 1 (0 and 100%). The higher the score, the greater the probability that a vulnerability will be exploited.

Date	EPSS V0	EPSS V1	EPSS V2 (> 2022-02-04)	EPSS V3 (> 2025-03-07)	EPSS V4 (> 2025-03-17)
2022-02-06	–	–	63.98%	–	–
2023-03-12	–	–	–	95.99%	–
2023-04-02	–	–	–	96.01%	–
2023-05-07	–	–	–	95.13%	–
2023-07-16	–	–	–	94.5%	–
2023-11-05	–	–	–	95.13%	–
2024-01-21	–	–	–	95.15%	–
2024-02-25	–	–	–	95.1%	–
2024-06-02	–	–	–	94.98%	–
2024-06-23	–	–	–	94.87%	–
2024-12-22	–	–	–	92.61%	–
2025-01-12	–	–	–	92.88%	–
2025-01-19	–	–	–	92.88%	–
2025-03-18	–	–	–	–	75.33%
2025-03-18	–	–	–	–	75.33,%

The percentile is used to rank CVE according to their EPSS score. For example, a CVE in the 95th percentile according to its EPSS score is more likely to be exploited than 95% of other CVE. Thus, the percentile is used to compare the EPSS score of a CVE with that of other CVE.

Date	Percentile
2022-02-06	99%
2023-03-12	99%
2023-04-02	99%
2023-05-07	99%
2023-07-16	99%
2023-11-05	99%
2024-01-21	99%
2024-02-25	99%
2024-06-02	99%
2024-06-23	99%
2024-12-22	99%
2025-01-12	99%
2025-01-19	99%
2025-03-18	99%
2025-03-18	99%

source: https://www.securityfocus.com/bid/25310/info Microsoft Internet Explorer is prone to a buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data. This issue occurs when rendering VML (Vector Markup Language) graphics. Attackers can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Successful attacks may facilitate the remote compromise of affected computers. Failed attacks will likely cause denial-of-service conditions. To exploit this issue, an attacker must entice an unsuspecting user to view a malicious HTML document. A VML document containing the following construct pointing to a malicious compressed image file will trigger this issue: <v:rect> <v:imagedata src="http://www.example.com/compressed.emz"> </v:rect>