CVE-2007-3038

{"id": "CVE-2007-3038", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:C/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 6.9, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2007-07-10T22:30:00.000", "references": [{"url": "http://archive.cert.uni-stuttgart.de/bugtraq/2007/07/msg00254.html", "source": "secure@microsoft.com"}, {"url": "http://osvdb.org/35952", "source": "secure@microsoft.com"}, {"url": "http://secunia.com/advisories/26001", "source": "secure@microsoft.com"}, {"url": "http://www.kb.cert.org/vuls/id/101321", "tags": ["US Government Resource"], "source": "secure@microsoft.com"}, {"url": "http://www.securityfocus.com/archive/1/473294/100/0/threaded", "source": "secure@microsoft.com"}, {"url": "http://www.securityfocus.com/bid/24779", "source": "secure@microsoft.com"}, {"url": "http://www.securitytracker.com/id?1018354", "source": "secure@microsoft.com"}, {"url": "http://www.symantec.com/content/en/us/enterprise/research/SYMSA-2007-005.txt", "source": "secure@microsoft.com"}, {"url": "http://www.us-cert.gov/cas/techalerts/TA07-191A.html", "tags": ["US Government Resource"], "source": "secure@microsoft.com"}, {"url": "http://www.vupen.com/english/advisories/2007/2480", "source": "secure@microsoft.com"}, {"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-038", "source": "secure@microsoft.com"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35322", "source": "secure@microsoft.com"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1884", "source": "secure@microsoft.com"}, {"url": "http://archive.cert.uni-stuttgart.de/bugtraq/2007/07/msg00254.html", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://osvdb.org/35952", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/26001", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.kb.cert.org/vuls/id/101321", "tags": ["US Government Resource"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/archive/1/473294/100/0/threaded", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/24779", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securitytracker.com/id?1018354", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.symantec.com/content/en/us/enterprise/research/SYMSA-2007-005.txt", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.us-cert.gov/cas/techalerts/TA07-191A.html", "tags": ["US Government Resource"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.vupen.com/english/advisories/2007/2480", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-038", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35322", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1884", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "The Teredo interface in Microsoft Windows Vista and Vista x64 Edition does not properly handle certain network traffic, which allows remote attackers to bypass firewall blocking rules and obtain sensitive information via crafted IPv6 traffic, aka \"Windows Vista Firewall Blocking Rule Information Disclosure Vulnerability.\""}, {"lang": "es", "value": "El interfaz Teredo de Microsoft Windows Vista y Vista x64 Edition no maneja adecuadamente cierto tr\u00e1fico de red, lo cual permite a atacantes remotos evitar las reglas de bloqueo del cortafuegos y obtener informaci\u00f3n sensible mediante tr\u00e1fico IPv6 manipulado artesanalmente, tambi\u00e9n conocido como \"Windows Vista Firewall Blocking Rule Information Disclosure Vulnerability\"."}], "lastModified": "2024-11-21T00:32:15.060", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3852BB02-47A1-40B3-8E32-8D8891A53114"}, {"criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:x64:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1DD1D5ED-FE7C-4ADF-B3AF-1F13E51B4FB5"}], "operator": "OR"}]}], "sourceIdentifier": "secure@microsoft.com"}