CVE-2007-1973

Race condition in the Virtual DOS Machine (VDM) in the Windows Kernel in Microsoft Windows NT 4.0 allows local users to modify memory and gain privileges via the temporary \Device\PhysicalMemory section handle, a related issue to CVE-2007-1206.

CVSS v2.0 6.9 MEDIUM

6.9^/10

CVSS v2.0 : MEDIUM

Vector : AV:L/AC:M/Au:N/C:C/I:C/A:C

Exploitability : 3.4 / Impact : 10.0

Access Vector LOCAL

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://osvdb.org/37635
http://research.eeye.com/html/advisories/published/AD20070410a.html	Vendor Advisory
http://securityreason.com/securityalert/2563
http://www.securityfocus.com/archive/1/465232/100/0/threaded
http://osvdb.org/37635
http://research.eeye.com/html/advisories/published/AD20070410a.html	Vendor Advisory
http://securityreason.com/securityalert/2563
http://www.securityfocus.com/archive/1/465232/100/0/threaded

Configurations

Configuration 1 (hide)

cpe:2.3:o:microsoft:windows_nt:4.0:*:*:*:*:*:*:*

History

21 Nov 2024, 00:29

Type	Values Removed	Values Added
References	~~() http://osvdb.org/37635 -~~	() http://osvdb.org/37635 -
References	~~() http://research.eeye.com/html/advisories/published/AD20070410a.html - Vendor Advisory~~	() http://research.eeye.com/html/advisories/published/AD20070410a.html - Vendor Advisory
References	~~() http://securityreason.com/securityalert/2563 -~~	() http://securityreason.com/securityalert/2563 -
References	~~() http://www.securityfocus.com/archive/1/465232/100/0/threaded -~~	() http://www.securityfocus.com/archive/1/465232/100/0/threaded -

Information

Published : 2007-04-11 23:19

Updated : 2024-11-21 00:29

NVD link : CVE-2007-1973

Mitre link : CVE-2007-1973

CVE.ORG link : CVE-2007-1973

JSON object : View

Products Affected

microsoft

windows_nt

CWE

NVD-CWE-Other

{"id": "CVE-2007-1973", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.9, "accessVector": "LOCAL", "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "MEDIUM", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "MEDIUM", "obtainAllPrivilege": true, "exploitabilityScore": 3.4, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2007-04-11T23:19:00.000", "references": [{"url": "http://osvdb.org/37635", "source": "cve@mitre.org"}, {"url": "http://research.eeye.com/html/advisories/published/AD20070410a.html", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://securityreason.com/securityalert/2563", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/archive/1/465232/100/0/threaded", "source": "cve@mitre.org"}, {"url": "http://osvdb.org/37635", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://research.eeye.com/html/advisories/published/AD20070410a.html", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://securityreason.com/securityalert/2563", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/archive/1/465232/100/0/threaded", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "Race condition in the Virtual DOS Machine (VDM) in the Windows Kernel in Microsoft Windows NT 4.0 allows local users to modify memory and gain privileges via the temporary \\Device\\PhysicalMemory section handle, a related issue to CVE-2007-1206."}, {"lang": "es", "value": "Condici\u00f3n de carrera en la Virtual DOS Machine (VDM) en el n\u00facleo de Windows en Microsoft Windows NT 4.0 permite a usuarios locales modificar la memoria y obtener privilegios mediante un manejador de secci\u00f3n \\Device\\PhysicalMemory temporal, un asunto relacionado con CVE-2007-1206."}], "lastModified": "2024-11-21T00:29:35.520", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E53CDA8E-50A8-4509-B070-CCA5604FFB21"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}