Detections
Analytics

CVE-2007-2229

medium

Description

Microsoft Windows Vista uses insecure default permissions for unspecified "local user information data stores" in the registry and the file system, which allows local users to obtain sensitive information such as administrative passwords, aka "Permissive User Information Store ACLs Information Disclosure Vulnerability."

References

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1529

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-032

http://www.vupen.com/english/advisories/2007/2152

http://www.us-cert.gov/cas/techalerts/TA07-163A.html

http://www.securitytracker.com/id?1018225

http://www.securityfocus.com/bid/24411

http://www.securityfocus.com/archive/1/471947/100/0/threaded

http://secunia.com/advisories/25623

http://osvdb.org/35344

Details

Source: Mitre, NVD

Published: 2007-06-12

Updated: 2018-10-16

Risk Information

CVSS v2

Base Score: 7.2

Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C

Severity: High

CVSS v3

Base Score: 5.5

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Severity: Medium