CVE Vulnerability

CVE-2007-2229

Microsoft Windows Vista uses insecure default permissions for unspecified "local user information data stores" in the registry and the file system, which allows local users to obtain sensitive information such as administrative passwords, aka "Permissive User Information Store ACLs Information Disclosure Vulnerability."

7.2 /10

CVSS v2.0 :

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 10

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

Scope

References
Link Resource
http://www.us-cert.gov/cas/techalerts/TA07-163A.html US Government Resource
http://www.securityfocus.com/bid/24411
http://www.securitytracker.com/id?1018225
http://secunia.com/advisories/25623 Vendor Advisory
http://www.vupen.com/english/advisories/2007/2152 Vendor Advisory
http://osvdb.org/35344
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1529
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-032
http://www.securityfocus.com/archive/1/471947/100/0/threaded
Configurations

Configuration 1

cpe:2.3:o:microsoft:windows_vista:*:gold:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_vista:*:gold:x64:*:*:*:*:*
Information

Published : 2007-06-12 07:30

Updated : 2018-10-16 04:42

NVD link : CVE-2007-2229

Mitre link : CVE-2007-2229

Products Affected
No products.
CWE
CWE-264