CVE-2007-0084

{"id": "CVE-2007-0084", "cveTags": [{"tags": ["disputed"], "sourceIdentifier": "cve@mitre.org"}], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.6, "accessVector": "LOCAL", "vectorString": "AV:L/AC:M/Au:S/C:C/I:C/A:C", "authentication": "SINGLE", "integrityImpact": "COMPLETE", "accessComplexity": "MEDIUM", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "MEDIUM", "obtainAllPrivilege": true, "exploitabilityScore": 2.7, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2007-01-05T11:28:00.000", "references": [{"url": "http://osvdb.org/37817", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/archive/1/455729/100/0/threaded", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/archive/1/455789/100/0/threaded", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://osvdb.org/37817", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/archive/1/455729/100/0/threaded", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/archive/1/455789/100/0/threaded", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "Buffer overflow in the Windows NT Message Compiler (MC) 1.00.5239 on Microsoft Windows XP allows local users to gain privileges via a long MC-filename. NOTE: this issue has been disputed by a reliable third party who states that the compiler is not a privileged program, so privilege boundaries cannot be crossed"}, {"lang": "es", "value": "** IMPUGNADO ** Desbordamiento de b\u00fafer en Windows NT Message Compiler (MC) 1.00.5239 sobre Microsoft Windows XP permiten a un usuario local obtener privilegios a trav\u00e9s de un MC-nombre de fichero. NOTA: Este asunto ha sido impugnado por una tercerta parte creible que indica que el compilador no es un programa privilegiado, por lo que los limites de privilegio no pueden estar cruzados."}], "lastModified": "2024-11-21T00:24:56.010", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:microsoft:message_compiler:1.00.5239:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0D6D878F-1C39-48C5-9FBD-78B59D3CF1F3"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}