7.5
CVE-2007-1535
- EPSS 11.79%
- Veröffentlicht 20.03.2007 20:19:00
- Zuletzt bearbeitet 16.06.2026 22:37:46
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
Microsoft Windows Vista establishes a Teredo address without user action upon connection to the Internet, contrary to documentation that Teredo is inactive without user action, which increases the attack surface and allows remote attackers to communicate via Teredo.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 11.79% | 0.955 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 10 | 6.4 |
AV:N/AC:L/Au:N/C:P/I:P/A:P
|
http://www.securityfocus.com/archive/1/462793/100/0/threaded
http://www.securityfocus.com/archive/1/464617/100/0/threaded
http://www.symantec.com/avcenter/reference/Vista_Network_Attack_Surface_RTM.pdf
http://www.symantec.com/enterprise/security_response/weblog/2007/04/microsofts_inaccurate_teredo_d.html
http://osvdb.org/33667
http://www.securityfocus.com/bid/23267