Lucene search

[email protected]CVE-2007-2229

HistoryJun 12, 2007 - 7:30 p.m.

CVE-2007-2229

2007-06-1219:30:00

CWE-264

[email protected]

web.nvd.nist.gov

microsoft

windows

vista

permissions

local user

information disclosure

vulnerability

nvd

5.7 Medium

AI Score

Confidence

Low

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

0.4%

JSON

Microsoft Windows Vista uses insecure default permissions for unspecified “local user information data stores” in the registry and the file system, which allows local users to obtain sensitive information such as administrative passwords, aka “Permissive User Information Store ACLs Information Disclosure Vulnerability.”

CPENameOperatorVersion
microsoft:windows_vistamicrosoft windows vistaeq*

CPE	Name	Operator	Version
microsoft:windows_vista	microsoft windows vista	eq	*

References

osvdb.org/35344

secunia.com/advisories/25623

www.securityfocus.com/archive/1/471947/100/0/threaded

www.securityfocus.com/bid/24411

www.securitytracker.com/id?1018225

www.us-cert.gov/cas/techalerts/TA07-163A.html

www.vupen.com/english/advisories/2007/2152

docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-032

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1529

5.7 Medium

AI Score

Confidence

Low

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

0.4%

JSON

Related for CVE-2007-2229

securityvulns2 prion1 openvas2 nessus1