CVE-2007-1532
- EPSS 10.62%
- Veröffentlicht 20.03.2007 20:19:00
- Zuletzt bearbeitet 16.06.2026 22:37:46
The neighbor discovery implementation in Microsoft Windows Vista allows remote attackers to conduct a redirect attack by (1) responding to queries by sending spoofed Neighbor Advertisements or (2) blindly sending Neighbor Advertisements.
- EPSS 10.62%
- Veröffentlicht 20.03.2007 20:19:00
- Zuletzt bearbeitet 16.06.2026 22:37:46
The Teredo implementation in Microsoft Windows Vista uses the same nonce for communication with different UDP ports within a solicitation session, which makes it easier for remote attackers to spoof the nonce through brute force attacks.
CVE-2007-1534
- EPSS 12.73%
- Veröffentlicht 20.03.2007 20:19:00
- Zuletzt bearbeitet 16.06.2026 22:37:46
DFSR.exe in Windows Meeting Space in Microsoft Windows Vista remains available for remote connections on TCP port 5722 for 2 minutes after Windows Meeting Space is closed, which allows remote attackers to have an unknown impact by connecting to this ...
CVE-2007-1535
- EPSS 11.79%
- Veröffentlicht 20.03.2007 20:19:00
- Zuletzt bearbeitet 16.06.2026 22:37:46
Microsoft Windows Vista establishes a Teredo address without user action upon connection to the Internet, contrary to documentation that Teredo is inactive without user action, which increases the attack surface and allows remote attackers to communi...
CVE-2007-0843
- EPSS 3.61%
- Veröffentlicht 23.02.2007 02:28:00
- Zuletzt bearbeitet 16.06.2026 22:36:23
The ReadDirectoryChangesW API function on Microsoft Windows 2000, XP, Server 2003, and Vista does not check permissions for child objects, which allows local users to bypass permissions by opening a directory with LIST (READ) access and using ReadDir...
CVE-2007-0675
- EPSS 17.22%
- Veröffentlicht 03.02.2007 01:28:00
- Zuletzt bearbeitet 16.06.2026 22:36:03
A certain ActiveX control in sapi.dll (aka the Speech API) in Speech Components in Microsoft Windows Vista, when the Speech Recognition feature is enabled, allows user-assisted remote attackers to delete arbitrary files, and conduct other unauthorize...
CVE-2006-6696
- EPSS 3.28%
- Veröffentlicht 22.12.2006 02:28:00
- Zuletzt bearbeitet 16.06.2026 22:33:37
Double free vulnerability in Microsoft Windows 2000, XP, 2003, and Vista allows local users to gain privileges by calling the MessageBox function with a MB_SERVICE_NOTIFICATION message with crafted data, which sends a HardError message to Client/Serv...