Lucene search

[email protected]CVE-2007-0843

HistoryFeb 23, 2007 - 2:28 a.m.

CVE-2007-0843

2007-02-2302:28:00

CWE-264

[email protected]

web.nvd.nist.gov

readdirectorychangesw

api

microsoft windows

permissions

bypass

local users

security vulnerability

nvd

cve-2007-0843

6.3 Medium

AI Score

Confidence

Low

4.6 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

0.0004 Low

EPSS

Percentile

15.0%

JSON

The ReadDirectoryChangesW API function on Microsoft Windows 2000, XP, Server 2003, and Vista does not check permissions for child objects, which allows local users to bypass permissions by opening a directory with LIST (READ) access and using ReadDirectoryChangesW to monitor changes of files that do not have LIST permissions, which can be leveraged to determine filenames, access times, and other sensitive information.

CPENameOperatorVersion
microsoft:windows_xpmicrosoft windows xpeq*
microsoft:windows_2000microsoft windows 2000eq*
microsoft:windows_2003_servermicrosoft windows 2003 servereq*
microsoft:windows_vistamicrosoft windows vistaeq*

CPE	Name	Operator	Version
microsoft:windows_xp	microsoft windows xp	eq	*
microsoft:windows_2000	microsoft windows 2000	eq	*
microsoft:windows_2003_server	microsoft windows 2003 server	eq	*
microsoft:windows_vista	microsoft windows vista	eq	*

References

lists.grok.org.uk/pipermail/full-disclosure/2007-February/052613.html

osvdb.org/33474

packetstormsecurity.com/files/163755/Microsoft-Windows-Malicious-Software-Removal-Tool-Privilege-Escalation.html

secunia.com/advisories/24245

securityreason.com/securityalert/2282

securityvulns.com/advisories/readdirectorychanges.asp

www.securityfocus.com/archive/1/460887/100/0/threaded

www.securityfocus.com/archive/1/460899/100/0/threaded

www.securityfocus.com/bid/22664

www.vupen.com/english/advisories/2007/0701

exchange.xforce.ibmcloud.com/vulnerabilities/32644

Social References

6.3 Medium

AI Score

Confidence

Low

4.6 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

0.0004 Low

EPSS

Percentile

15.0%

JSON

Related for CVE-2007-0843

zaraza1 securityvulns3 prion1 security_vulns1 cvelist1