{
  "id": "CVE-2007-1535",
  "sourceIdentifier": "cve@mitre.org",
  "published": "2007-03-20T20:19:00.000",
  "lastModified": "2018-10-16T16:38:57.597",
  "vulnStatus": "Modified",
  "descriptions": [
    {
      "lang": "en",
      "value": "Microsoft Windows Vista establishes a Teredo address without user action upon connection to the Internet, contrary to documentation that Teredo is inactive without user action, which increases the attack surface and allows remote attackers to communicate via Teredo."
    },
    {
      "lang": "es",
      "value": "Microsoft Windows Vista establece una direcci\u00f3n Teredo sin acci\u00f3n del usuario sobre una conexi\u00f3n a Internet, contrario a la documentaci\u00f3n que dice que Teredo est\u00e1 inactivo sin la acci\u00f3n del usuario, lo cual incrementa la superficie de ataque y permite a atacantes remotos comunicarse mediante Teredo."
    }
  ],
  "metrics": {
    "cvssMetricV2": [
      {
        "source": "nvd@nist.gov",
        "type": "Primary",
        "cvssData": {
          "version": "2.0",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "accessVector": "NETWORK",
          "accessComplexity": "LOW",
          "authentication": "NONE",
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5
        },
        "baseSeverity": "HIGH",
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "acInsufInfo": false,
        "obtainAllPrivilege": false,
        "obtainUserPrivilege": false,
        "obtainOtherPrivilege": false,
        "userInteractionRequired": false
      }
    ]
  },
  "weaknesses": [
    {
      "source": "nvd@nist.gov",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ]
    }
  ],
  "configurations": [
    {
      "nodes": [
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3852BB02-47A1-40B3-8E32-8D8891A53114"
            }
          ]
        }
      ]
    }
  ],
  "references": [
    {
      "url": "http://www.securityfocus.com/archive/1/462793/100/0/threaded",
      "source": "cve@mitre.org"
    },
    {
      "url": "http://www.securityfocus.com/archive/1/464617/100/0/threaded",
      "source": "cve@mitre.org"
    },
    {
      "url": "http://www.securityfocus.com/bid/23267",
      "source": "cve@mitre.org"
    },
    {
      "url": "http://www.symantec.com/avcenter/reference/Vista_Network_Attack_Surface_RTM.pdf",
      "source": "cve@mitre.org"
    },
    {
      "url": "http://www.symantec.com/enterprise/security_response/weblog/2007/04/microsofts_inaccurate_teredo_d.html",
      "source": "cve@mitre.org"
    }
  ]
}