mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-05-28 09:11:28 +00:00
113 lines
4.2 KiB
JSON
113 lines
4.2 KiB
JSON
{
|
|
"id": "CVE-2007-6744",
|
|
"sourceIdentifier": "cve@mitre.org",
|
|
"published": "2012-01-19T19:55:00.927",
|
|
"lastModified": "2012-01-20T05:00:00.000",
|
|
"vulnStatus": "Analyzed",
|
|
"descriptions": [
|
|
{
|
|
"lang": "en",
|
|
"value": "Flexera Macrovision InstallShield before 2008 sends a digital-signature password to an unintended application during certain signature operations involving .spc and .pvk files, which might allow local users to obtain sensitive information via unspecified vectors, related to an incorrect interaction between InstallShield and Signcode.exe."
|
|
},
|
|
{
|
|
"lang": "es",
|
|
"value": "Macrovision InstallShield Flexera antes de v2008 env\u00eda una contrase\u00f1a de firma digital a una aplicaci\u00f3n no deseada durante determinadas operaciones en las que participan ficheros .spc y .pvk, lo que podr\u00eda permitir a usuarios locales obtener informaci\u00f3n sensible a trav\u00e9s de vectores no especificados. Se trata de un problema relacionado con una interacci\u00f3n incorrecta entre InstallShield y Signcode.exe."
|
|
}
|
|
],
|
|
"metrics": {
|
|
"cvssMetricV2": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"cvssData": {
|
|
"version": "2.0",
|
|
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
|
|
"accessVector": "LOCAL",
|
|
"accessComplexity": "LOW",
|
|
"authentication": "NONE",
|
|
"confidentialityImpact": "PARTIAL",
|
|
"integrityImpact": "NONE",
|
|
"availabilityImpact": "NONE",
|
|
"baseScore": 2.1
|
|
},
|
|
"baseSeverity": "LOW",
|
|
"exploitabilityScore": 3.9,
|
|
"impactScore": 2.9,
|
|
"acInsufInfo": false,
|
|
"obtainAllPrivilege": false,
|
|
"obtainUserPrivilege": false,
|
|
"obtainOtherPrivilege": false,
|
|
"userInteractionRequired": false
|
|
}
|
|
]
|
|
},
|
|
"weaknesses": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"description": [
|
|
{
|
|
"lang": "en",
|
|
"value": "CWE-200"
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"configurations": [
|
|
{
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:flexerasoftware:installshield:*:*:*:*:*:*:*:*",
|
|
"versionEndIncluding": "1.0",
|
|
"matchCriteriaId": "8566174D-59AF-4C0E-8E35-108A9EFB0CA3"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:flexerasoftware:installshield:*:*:*:*:*:*:*:*",
|
|
"versionEndIncluding": "2.0",
|
|
"matchCriteriaId": "536BAE00-FD82-4C61-968D-E519BEC218E3"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:flexerasoftware:installshield:*:*:*:*:*:*:*:*",
|
|
"versionEndIncluding": "3.0",
|
|
"matchCriteriaId": "F4C3AD63-0900-4E4C-8168-7EA6EF531120"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:flexerasoftware:installshield:*:*:*:*:*:*:*:*",
|
|
"versionEndIncluding": "12",
|
|
"matchCriteriaId": "98FE9015-2B87-4FD8-B47A-0B76EF004DCC"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:flexerasoftware:installshield:10.5:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "7B50640A-BEB4-4ADB-B6D8-E3E6B479E944"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:flexerasoftware:installshield:11:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "D22D8E16-662D-4F38-BB02-022B8E9D9969"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:flexerasoftware:installshield:11.5:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "CB19FC75-3FE9-4EC7-8DDB-0E2DC1ACB944"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"references": [
|
|
{
|
|
"url": "http://kb.flexerasoftware.com/selfservice/microsites/search.do?cmd=displayKC&docType=kc&externalId=Installation-InstallShield-InstallShield2008Premier-Public-ProductInfo-IS2008PremProReleaseNotes2pdf&sliceId=pdfPage_42",
|
|
"source": "cve@mitre.org"
|
|
}
|
|
]
|
|
} |