CVE-2007-5350

Unspecified vulnerability in the Windows Advanced Local Procedure Call (ALPC) in the kernel in Microsoft Windows Vista allows local users to gain privileges via unspecified vectors involving "legacy reply paths."

CVSS v2.0 7.2 HIGH

7.2^/10

CVSS v2.0 : HIGH

Vector : AV:L/AC:L/Au:N/C:C/I:C/A:C

Exploitability : 3.9 / Impact : 10.0

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://secunia.com/advisories/28015
http://www.kb.cert.org/vuls/id/601073	US Government Resource
http://www.securityfocus.com/archive/1/485268/100/0/threaded
http://www.securityfocus.com/bid/26757
http://www.securitytracker.com/id?1019075
http://www.us-cert.gov/cas/techalerts/TA07-345A.html	US Government Resource
http://www.vupen.com/english/advisories/2007/4182
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-066
https://exchange.xforce.ibmcloud.com/vulnerabilities/38729
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3912

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:microsoft:windows_vista::gold::::::*
	cpe:2.3:o:microsoft:windows_vista::gold:x64:::::

History

No history.

Information

Published : 2007-12-12 00:46

Updated : 2024-02-04 17:13

NVD link : CVE-2007-5350

Mitre link : CVE-2007-5350

CVE.ORG link : CVE-2007-5350

JSON object : View

Products Affected

microsoft

windows_vista

CWE

CWE-264

Permissions, Privileges, and Access Controls

{"id": "CVE-2007-5350", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.2, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": true, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2007-12-12T00:46:00.000", "references": [{"url": "http://secunia.com/advisories/28015", "source": "secure@microsoft.com"}, {"url": "http://www.kb.cert.org/vuls/id/601073", "tags": ["US Government Resource"], "source": "secure@microsoft.com"}, {"url": "http://www.securityfocus.com/archive/1/485268/100/0/threaded", "source": "secure@microsoft.com"}, {"url": "http://www.securityfocus.com/bid/26757", "source": "secure@microsoft.com"}, {"url": "http://www.securitytracker.com/id?1019075", "source": "secure@microsoft.com"}, {"url": "http://www.us-cert.gov/cas/techalerts/TA07-345A.html", "tags": ["US Government Resource"], "source": "secure@microsoft.com"}, {"url": "http://www.vupen.com/english/advisories/2007/4182", "source": "secure@microsoft.com"}, {"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-066", "source": "secure@microsoft.com"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38729", "source": "secure@microsoft.com"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3912", "source": "secure@microsoft.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-264"}]}], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in the Windows Advanced Local Procedure Call (ALPC) in the kernel in Microsoft Windows Vista allows local users to gain privileges via unspecified vectors involving \"legacy reply paths.\""}, {"lang": "es", "value": "Vulnerabilidad no especificada en Windows Advanced Local Procedure Call (ALPC) en el n\u00facleo de Microsoft Windows Vista permite a usuarios locales ganar privilegios a trav\u00e9s de vectores no especificados afectando a \"legado de respuestas de ruta\"."}], "lastModified": "2018-10-15T21:43:55.560", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows_vista:*:gold:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D34A558F-A656-43EB-AC52-C3710F77CDD8"}, {"criteria": "cpe:2.3:o:microsoft:windows_vista:*:gold:x64:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F9DC56EB-EDC4-4DFE-BA9B-B17FF4A91734"}], "operator": "OR"}]}], "sourceIdentifier": "secure@microsoft.com"}