CVE-2007-5470

{"id": "CVE-2007-5470", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 2.1, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "LOW", "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2007-10-16T00:17:00.000", "references": [{"url": "http://osvdb.org/38486", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/27144", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://support.microsoft.com/kb/942109", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/25996", "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-200"}, {"lang": "en", "value": "CWE-310"}]}], "descriptions": [{"lang": "en", "value": "Microsoft Expression Media stores the catalog password in cleartext in the catalog IVC file, which allows local users to obtain sensitive information and gain access to the catalog by reading the IVC file."}, {"lang": "es", "value": "Microsoft Expression Media almacena la contrase\u00f1a del cat\u00e1logo en texto en claro en el fichero de cat\u00e1logo IVC, lo cual permite a usuarios locales obtener informaci\u00f3n confidencial y obtener acceso al cat\u00e1logo al leer el fichero IVC."}], "lastModified": "2008-11-15T07:01:05.170", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:microsoft:expression_media:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D9EF0FC1-25B7-4909-96DA-69BC897AA29C"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}