Microsoft Windows Vista Permissive User Information Store ACLs Information Disclosure Vulnerability
BID:24411
Info
Microsoft Windows Vista Permissive User Information Store ACLs Information Disclosure Vulnerability
| Bugtraq ID: | 24411 |
| Class: | Design Error |
| CVE: |
CVE-2007-2229 |
| Remote: | No |
| Local: | Yes |
| Published: | Jun 12 2007 12:00AM |
| Updated: | Jun 12 2007 10:49PM |
| Credit: | Robbie Sohlman is credited with the discovery of this vulnerability. |
| Vulnerable: |
Microsoft Windows Vista x64 Edition 0 Microsoft Windows Vista December CTP Microsoft Windows Vista Ultimate Microsoft Windows Vista Home Premium Microsoft Windows Vista Home Basic Microsoft Windows Vista Enterprise Microsoft Windows Vista Business Microsoft Windows Vista beta 2 Microsoft Windows Vista Beta 1 Microsoft Windows Vista Beta Microsoft Windows Vista 0 |
| Not Vulnerable: | |
Discussion
Microsoft Windows Vista Permissive User Information Store ACLs Information Disclosure Vulnerability
Microsoft Windows Vista is prone to a local information-disclosure vulnerability.
Local attackers can exploit this issue to obtain sensitive information that may allow them to gain unauthorized access to the affected computer.
Microsoft Windows Vista is prone to a local information-disclosure vulnerability.
Local attackers can exploit this issue to obtain sensitive information that may allow them to gain unauthorized access to the affected computer.
Exploit / POC
Microsoft Windows Vista Permissive User Information Store ACLs Information Disclosure Vulnerability
An attacker can exploit this issue by gaining local interactive access to the affected computer.
An attacker can exploit this issue by gaining local interactive access to the affected computer.
Solution / Fix
Microsoft Windows Vista Permissive User Information Store ACLs Information Disclosure Vulnerability
Solution:
The vendor released updates to address this issue. Please see the references for more information.
Microsoft Windows Vista x64 Edition 0
Microsoft Windows Vista 0
Solution:
The vendor released updates to address this issue. Please see the references for more information.
Microsoft Windows Vista x64 Edition 0
-
Microsoft Security Update for Windows Vista for x64-based Systems (KB931213)
http://www.microsoft.com/downloads/details.aspx?FamilyId=89dde3f4-4123 -4c97-86d8-00a83462c34b&displaylang=en
Microsoft Windows Vista 0
-
Microsoft Security Update for Windows Vista (KB931213)
http://www.microsoft.com/downloads/details.aspx?FamilyId=cdf79d00-6f34 -404b-8ad5-a2801ff35443&displaylang=en
References
Microsoft Windows Vista Permissive User Information Store ACLs Information Disclosure Vulnerability
References:
References: