CVE-2007-5756

{"id": "CVE-2007-5756", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.9, "accessVector": "LOCAL", "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "MEDIUM", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 3.4, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2007-11-14T01:46:00.000", "references": [{"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=625", "tags": ["Broken Link"], "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/27676", "tags": ["Broken Link", "Patch", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/26409", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "source": "cve@mitre.org"}, {"url": "http://www.securitytracker.com/id?1018935", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "source": "cve@mitre.org"}, {"url": "http://www.vupen.com/english/advisories/2007/3835", "tags": ["Broken Link"], "source": "cve@mitre.org"}, {"url": "http://www.winpcap.org/misc/changelog.htm", "tags": ["Release Notes"], "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38433", "tags": ["Third Party Advisory", "VDB Entry"], "source": "cve@mitre.org"}, {"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=625", "tags": ["Broken Link"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/27676", "tags": ["Broken Link", "Patch", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/26409", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securitytracker.com/id?1018935", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.vupen.com/english/advisories/2007/3835", "tags": ["Broken Link"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.winpcap.org/misc/changelog.htm", "tags": ["Release Notes"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38433", "tags": ["Third Party Advisory", "VDB Entry"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-129"}]}], "descriptions": [{"lang": "en", "value": "Multiple array index errors in the bpf_filter_init function in NPF.SYS in WinPcap before 4.0.2, when run in monitor mode (aka Table Management Extensions or TME), and as used in Wireshark and possibly other products, allow local users to gain privileges via crafted IOCTL requests."}, {"lang": "es", "value": "M\u00faltiples errores de \u00edndice de array en la funci\u00f3n bpf_filter_init en NPF.SYS en WinPcap anterior a 4.0.2, cuando funciona en modo monitor (tambi\u00e9n conocido c\u00f3mo Table Management Extensions o TME), y como es utilizado en Wireshark y posiblemente otros productos, permite a usuarios locales ganar privilegios a trav\u00e9s de respuestas IOCTL manipuladas."}], "lastModified": "2024-11-21T00:38:37.490", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:winpcap:winpcap:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4A6E528E-DE46-46F1-B8EA-0D885DA7D9E3", "versionEndExcluding": "4.0.2"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}