Summary
This host is missing a critical security update according to Microsoft Bulletin MS07-032.
Impact
Successful exploitation allows remote attacker to obtain sensitive information that may allow them to gain unauthorized access to the affected computer.
Impact Level: System/Application
Solution
Run Windows Update and update the listed hotfixes or download and update mentioned hotfixes in the advisory from the below link, http://www.microsoft.com/technet/security/bulletin/ms07-032.mspx
Insight
The flaw is due to certain user information data being stored in the registry and the local file system with insecure permissions.
Affected
Microsoft Windows Vista.
References
Severity
Classification
-
CVE CVE-2007-2229 -
CVSS Base Score: 7.2
AV:L/AC:L/Au:N/C:C/I:C/A:C
Related Vulnerabilities
- Microsoft Internet Explorer Multiple Memory Corruption Vulnerabilities (2870699)
- Microsoft DirectShow Remote Code Execution Vulnerability (961373)
- Microsoft DirectShow Remote Code Execution Vulnerability (2929961)
- Microsoft .NET Framework Remote Code Execution Vulnerability (2745030)
- Microsoft Antimalware Client Privilege Elevation Vulnerability (2823482)