5.7 Medium
AI Score
Confidence
Low
7.2 High
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
0.0004 Low
EPSS
Percentile
0.4%
Microsoft Windows Vista uses insecure default permissions for unspecified “local user information data stores” in the registry and the file system, which allows local users to obtain sensitive information such as administrative passwords, aka “Permissive User Information Store ACLs Information Disclosure Vulnerability.”
CPE | Name | Operator | Version |
---|---|---|---|
microsoft:windows_vista | microsoft windows vista | eq | * |
osvdb.org/35344
secunia.com/advisories/25623
www.securityfocus.com/archive/1/471947/100/0/threaded
www.securityfocus.com/bid/24411
www.securitytracker.com/id?1018225
www.us-cert.gov/cas/techalerts/TA07-163A.html
www.vupen.com/english/advisories/2007/2152
docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-032
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1529