admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-29 09:41:31 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2007/CVE-2007-22xx/CVE-2007-2228.json

236 lines
8.1 KiB
JSON
Raw Normal View History

bootstrap
2023-04-24 12:24:31 +02:00
{
"id": "CVE-2007-2228",
"sourceIdentifier": "secure@microsoft.com",
"published": "2007-10-09T22:17:00.000",
Auto-Update: 2025-04-09T02:02:01.564573+00:00
2025-04-09 02:05:49 +00:00
"lastModified": "2025-04-09T00:30:58.490",
"vulnStatus": "Deferred",
Auto-Update: 2024-12-08T03:00:18.988682+00:00
2024-12-08 03:06:42 +00:00
"cveTags": [],
bootstrap
2023-04-24 12:24:31 +02:00
"descriptions": [
{
"lang": "en",
"value": "rpcrt4.dll (aka the RPC runtime library) in Microsoft Windows XP SP2, XP Professional x64 Edition, Server 2003 SP1 and SP2, Server 2003 x64 Edition and x64 Edition SP2, and Vista and Vista x64 Edition allows remote attackers to cause a denial of service (RPCSS service stop and system restart) via an RPC request that uses NTLMSSP PACKET authentication with a zero-valued verification trailer signature, which triggers an invalid dereference. NOTE: this also affects Windows 2000 SP4, although the impact is an information leak."
},
{
"lang": "es",
"value": "En la biblioteca rpcrt4.dll (tambi\u00e9n conocida como la biblioteca de tiempo de ejecuci\u00f3n RPC) en Microsoft Windows XP SP2, XP Professional x64 Edition, Server 2003 SP1 y SP2, Server 2003 x64 Edition y x64 Edition SP2, y Vista y Vista x64 Edition permiten que los atacantes remotos causar una denegaci\u00f3n de servicio (RPCSS servicio de parada y reinicio del sistema) por medio de una petici\u00f3n RPC que utiliza la autenticaci\u00f3n NTLMSSP PACKET con una firma de remolque de verificaci\u00f3n de valor cero, que conlleva una desreferencia no v\u00e1lida. NOTA: esto tambi\u00e9n afecta a Windows 2000 SP4, aunque el impacto es un filtrado de informaci\u00f3n."
}
],
"metrics": {
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
Auto-Update: 2024-11-22T07:12:16.597899+00:00
2024-11-22 07:15:30 +00:00
"baseScore": 7.8,
bootstrap
2023-04-24 12:24:31 +02:00
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
Auto-Update: 2024-11-22T07:12:16.597899+00:00
2024-11-22 07:15:30 +00:00
"availabilityImpact": "COMPLETE"
bootstrap
2023-04-24 12:24:31 +02:00
},
"baseSeverity": "HIGH",
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*",
"matchCriteriaId": "83E7C4A0-78CF-4B56-82BF-EC932BDD8ADF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:*:x64:*:*:*:*:*",
"matchCriteriaId": "CD264C73-360E-414D-BE22-192F92E5A0A3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp1:*:*:*:*:*:*",
"matchCriteriaId": "FE8F4276-4D97-480D-A542-FE9982FFD765"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:*:*:*:*:*:*",
"matchCriteriaId": "2978BF86-5A1A-438E-B81F-F360D0E30C9C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:x64:*:*:*:*:*",
"matchCriteriaId": "6881476D-81A2-4DFD-AC77-82A8D08A0568"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3852BB02-47A1-40B3-8E32-8D8891A53114"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:x64:*:*:*:*:*",
"matchCriteriaId": "1DD1D5ED-FE7C-4ADF-B3AF-1F13E51B4FB5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_xp:*:*:professional:*:*:*:*:*",
"matchCriteriaId": "CC5A2998-AFD9-4AD3-BC47-E653345323AB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*",
"matchCriteriaId": "9B339C33-8896-4896-88FF-88E74FDBC543"
}
]
}
]
}
],
"references": [
Auto-Update: 2024-04-04T08:42:25.815847+00:00
2024-04-04 08:46:00 +00:00
{
"url": "http://secunia.com/advisories/27134",
"source": "secure@microsoft.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://secunia.com/advisories/27153",
"source": "secure@microsoft.com",
"tags": [
"Vendor Advisory"
]
},
bootstrap
2023-04-24 12:24:31 +02:00
{
"url": "http://securitytracker.com/id?1018787",
"source": "secure@microsoft.com"
},
{
"url": "http://www.securityfocus.com/archive/1/482023/100/0/threaded",
"source": "secure@microsoft.com"
},
{
"url": "http://www.securityfocus.com/archive/1/482366/100/0/threaded",
"source": "secure@microsoft.com"
},
Auto-Update: 2024-11-22T07:12:16.597899+00:00
2024-11-22 07:15:30 +00:00
{
"url": "http://www.securityfocus.com/archive/1/482366/100/0/threaded",
"source": "secure@microsoft.com"
},
bootstrap
2023-04-24 12:24:31 +02:00
{
"url": "http://www.securityfocus.com/bid/25974",
"source": "secure@microsoft.com"
},
{
"url": "http://www.us-cert.gov/cas/techalerts/TA07-282A.html",
"source": "secure@microsoft.com",
"tags": [
"US Government Resource"
]
},
{
"url": "http://www.vupen.com/english/advisories/2007/3438",
"source": "secure@microsoft.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://www.zerodayinitiative.com/advisories/ZDI-07-055.html",
"source": "secure@microsoft.com"
},
{
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-058",
"source": "secure@microsoft.com"
},
{
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2310",
"source": "secure@microsoft.com"
Auto-Update: 2024-11-22T07:12:16.597899+00:00
2024-11-22 07:15:30 +00:00
},
{
"url": "http://secunia.com/advisories/27134",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://secunia.com/advisories/27153",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://securitytracker.com/id?1018787",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "http://www.securityfocus.com/archive/1/482023/100/0/threaded",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "http://www.securityfocus.com/archive/1/482366/100/0/threaded",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "http://www.securityfocus.com/archive/1/482366/100/0/threaded",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "http://www.securityfocus.com/bid/25974",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "http://www.us-cert.gov/cas/techalerts/TA07-282A.html",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
]
},
{
"url": "http://www.vupen.com/english/advisories/2007/3438",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://www.zerodayinitiative.com/advisories/ZDI-07-055.html",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-058",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2310",
"source": "af854a3a-2127-422b-91ae-364da2661108"
bootstrap
2023-04-24 12:24:31 +02:00
}
]
}
Reference in New Issue Copy Permalink