Lucene search

MitreCVE-2007-0843

HistoryFeb 23, 2007 - 2:28 a.m.

CVE-2007-0843

2007-02-2302:28:00

CWE-264

mitre

web.nvd.nist.gov

readdirectorychangesw

api

microsoft windows

permissions

bypass

local users

security vulnerability

nvd

cve-2007-0843

CVSS2

4.6

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

AI Score

6.1

Confidence

Low

EPSS

Percentile

15.7%

JSON

The ReadDirectoryChangesW API function on Microsoft Windows 2000, XP, Server 2003, and Vista does not check permissions for child objects, which allows local users to bypass permissions by opening a directory with LIST (READ) access and using ReadDirectoryChangesW to monitor changes of files that do not have LIST permissions, which can be leveraged to determine filenames, access times, and other sensitive information.

Affected configurations

Nvd

Node

microsoftwindows_2000

microsoftwindows_2003_server

microsoftwindows_vistabeta1

microsoftwindows_xphome

microsoftwindows_xpgold

microsoftwindows_xpsp164-bit_2003

microsoftwindows_xpsp1embedded

microsoftwindows_xpsp1home

microsoftwindows_xpsp1media_center

microsoftwindows_xpsp1professional

microsoftwindows_xpsp1tablet_pc

microsoftwindows_xpsp2home

microsoftwindows_xpsp2media_center

microsoftwindows_xpsp2professional

microsoftwindows_xpsp2tablet_pc

VendorProductVersionCPE
microsoftwindows_2000*cpe:2.3:o:microsoft:windows_2000:*:*:*:*:*:*:*:*
microsoftwindows_2003_server*cpe:2.3:o:microsoft:windows_2003_server:*:*:*:*:*:*:*:*
microsoftwindows_vista*cpe:2.3:o:microsoft:windows_vista:*:beta1:*:*:*:*:*:*
microsoftwindows_xp*cpe:2.3:o:microsoft:windows_xp:*:*:home:*:*:*:*:*
microsoftwindows_xp*cpe:2.3:o:microsoft:windows_xp:*:gold:*:*:*:*:*:*
microsoftwindows_xp*cpe:2.3:o:microsoft:windows_xp:*:sp1:64-bit_2003:*:*:*:*:*
microsoftwindows_xp*cpe:2.3:o:microsoft:windows_xp:*:sp1:embedded:*:*:*:*:*
microsoftwindows_xp*cpe:2.3:o:microsoft:windows_xp:*:sp1:home:*:*:*:*:*
microsoftwindows_xp*cpe:2.3:o:microsoft:windows_xp:*:sp1:media_center:*:*:*:*:*
microsoftwindows_xp*cpe:2.3:o:microsoft:windows_xp:*:sp1:professional:*:*:*:*:*

Vendor	Product	Version	CPE
microsoft	windows_2000	*	cpe:2.3:o:microsoft:windows_2000::::::::
microsoft	windows_2003_server	*	cpe:2.3:o:microsoft:windows_2003_server::::::::
microsoft	windows_vista	*	cpe:2.3:o:microsoft:windows_vista::beta1::::::*
microsoft	windows_xp	*	cpe:2.3:o:microsoft:windows_xp:::home:::::*
microsoft	windows_xp	*	cpe:2.3:o:microsoft:windows_xp::gold::::::*
microsoft	windows_xp	*	cpe:2.3:o:microsoft:windows_xp::sp1:64-bit_2003:::::
microsoft	windows_xp	*	cpe:2.3:o:microsoft:windows_xp::sp1:embedded:::::
microsoft	windows_xp	*	cpe:2.3:o:microsoft:windows_xp::sp1:home:::::
microsoft	windows_xp	*	cpe:2.3:o:microsoft:windows_xp::sp1:media_center:::::
microsoft	windows_xp	*	cpe:2.3:o:microsoft:windows_xp::sp1:professional:::::

Rows per page:

1-10 of 151

References

lists.grok.org.uk/pipermail/full-disclosure/2007-February/052613.html

osvdb.org/33474

packetstormsecurity.com/files/163755/Microsoft-Windows-Malicious-Software-Removal-Tool-Privilege-Escalation.html

secunia.com/advisories/24245

securityreason.com/securityalert/2282

securityvulns.com/advisories/readdirectorychanges.asp

www.securityfocus.com/archive/1/460887/100/0/threaded

www.securityfocus.com/archive/1/460899/100/0/threaded

www.securityfocus.com/bid/22664

www.vupen.com/english/advisories/2007/0701

exchange.xforce.ibmcloud.com/vulnerabilities/32644

Social References

CVSS2

4.6

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

AI Score

6.1

Confidence

Low

EPSS

Percentile

15.7%

JSON

Related for CVE-2007-0843