CVE-2007-1528

high

Description

The LLTD Mapper in Microsoft Windows Vista allows remote attackers to spoof hosts, and nonexistent bridge relationships, into the network topology map by using a MAC address that differs from the MAC address provided in the Real Source field of the LLTD BASE header of a HELLO packet, aka the "Spoof on Bridge" attack.

References

http://www.symantec.com/enterprise/security_response/weblog/2007/04/microsofts_inaccurate_teredo_d.html

http://www.symantec.com/avcenter/reference/Vista_Network_Attack_Surface_RTM.pdf

http://www.securityfocus.com/bid/23280

http://www.securityfocus.com/archive/1/464617/100/0/threaded

http://www.securityfocus.com/archive/1/462793/100/0/threaded

http://osvdb.org/33662

Details

Source: Mitre, NVD

Published: 2007-03-20

Updated: 2026-06-16

Risk Information

CVSS v2

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N

Severity: Medium

CVSS v3

Base Score: 7.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Severity: High

EPSS

EPSS: 0.10623