Vulnerabilities > CVE-2007-1535 - Unspecified vulnerability in Microsoft Windows Vista
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Microsoft Windows Vista establishes a Teredo address without user action upon connection to the Internet, contrary to documentation that Teredo is inactive without user action, which increases the attack surface and allows remote attackers to communicate via Teredo.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
OS | 1 |
References
- http://osvdb.org/33667
- http://www.securityfocus.com/archive/1/462793/100/0/threaded
- http://www.securityfocus.com/archive/1/464617/100/0/threaded
- http://www.securityfocus.com/bid/23267
- http://www.symantec.com/avcenter/reference/Vista_Network_Attack_Surface_RTM.pdf
- http://www.symantec.com/enterprise/security_response/weblog/2007/04/microsofts_inaccurate_teredo_d.html