Microsoft Windows Vista Information Disclosure Vulnerability (931213) Network Vulnerability

Summary

This host is missing a critical security update according to Microsoft Bulletin MS07-032.

Impact

Successful exploitation allows remote attacker to obtain sensitive information that may allow them to gain unauthorized access to the affected computer. Impact Level: System/Application

Solution

Run Windows Update and update the listed hotfixes or download and update mentioned hotfixes in the advisory from the below link, http://www.microsoft.com/technet/security/bulletin/ms07-032.mspx

Insight

The flaw is due to certain user information data being stored in the registry and the local file system with insecure permissions.

Affected

Microsoft Windows Vista.

References

http://secunia.com/advisories/25623
http://securitytracker.com/alerts/2007/Jun/1018225.html
http://www.microsoft.com/technet/security/bulletin/ms07-032.mspx

Updated on 2015-03-25

Severity

Classification

CVE CVE-2007-2229

CVSS	Base Score: 7.2 AV:L/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Flaw in Microsoft VM Could Allow Code Execution (810030)
Microsoft DHTML Editing Component ActiveX Remote Code Execution Vulnerability (956844)
Microsoft Internet Explorer Memory Corruption Vulnerability (2755801)
IE 5.01 5.5 6.0 Cumulative patch (890923)
Cumulative Security Update for Internet Explorer (958215)

Take action and discover your vulnerabilities