Vulnerabilities > Microsoft > Windows Vista > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2007-03-20 | CVE-2007-1533 | Unspecified vulnerability in Microsoft Windows Vista The Teredo implementation in Microsoft Windows Vista uses the same nonce for communication with different UDP ports within a solicitation session, which makes it easier for remote attackers to spoof the nonce through brute force attacks. | 5.0 |
2007-03-20 | CVE-2007-1532 | Unspecified vulnerability in Microsoft Windows Vista The neighbor discovery implementation in Microsoft Windows Vista allows remote attackers to conduct a redirect attack by (1) responding to queries by sending spoofed Neighbor Advertisements or (2) blindly sending Neighbor Advertisements. | 6.4 |
2007-03-20 | CVE-2007-1531 | Resource Management Errors vulnerability in Microsoft Windows Vista and Windows XP Microsoft Windows XP and Vista overwrites ARP table entries included in gratuitous ARP, which allows remote attackers to cause a denial of service (loss of network access) by sending a gratuitous ARP for the address of the Vista host. | 5.0 |
2007-03-20 | CVE-2007-1530 | Remote Denial Of Service vulnerability in Microsoft Windows Vista LLTD Mapper EMIT Packet The LLTD Mapper in Microsoft Windows Vista does not properly gather responses to EMIT packets, which allows remote attackers to cause a denial of service (mapping failure) by omitting an ACK response, which triggers an XML syntax error. | 5.0 |
2007-03-20 | CVE-2007-1529 | Unspecified vulnerability in Microsoft Windows Vista The LLTD Responder in Microsoft Windows Vista does not send the Mapper a response to a DISCOVERY packet if another host has sent a spoofed response first, which allows remote attackers to spoof arbitrary hosts via a network-based race condition, aka the "Total Spoof" attack. network microsoft | 4.3 |
2007-03-20 | CVE-2007-1528 | Unspecified vulnerability in Microsoft Windows Vista The LLTD Mapper in Microsoft Windows Vista allows remote attackers to spoof hosts, and nonexistent bridge relationships, into the network topology map by using a MAC address that differs from the MAC address provided in the Real Source field of the LLTD BASE header of a HELLO packet, aka the "Spoof on Bridge" attack. | 5.0 |
2007-03-20 | CVE-2007-1527 | Unspecified vulnerability in Microsoft Windows Vista The LLTD Mapper in Microsoft Windows Vista does not verify that an IP address in a TLV type 0x07 field in a HELLO packet corresponds to a valid IP address for the local network, which allows remote attackers to trick users into communicating with an external host by sending a HELLO packet with the MW characteristic and a spoofed TLV type 0x07 field, aka the "Spoof and Management URL IP Redirect" attack. | 5.0 |
2007-03-17 | CVE-2007-1499 | Cross-Site Scripting vulnerability in Microsoft IE 7.0 Microsoft Internet Explorer 7.0 on Windows XP and Vista allows remote attackers to conduct phishing attacks and possibly execute arbitrary code via a res: URI to navcancl.htm with an arbitrary URL as an argument, which displays the URL in the location bar of the "Navigation Canceled" page and injects the script into the "Refresh the page" link, aka Navigation Cancel Page Spoofing Vulnerability." | 4.3 |
2007-02-23 | CVE-2006-7030 | Denial of Service vulnerability in Microsoft IE 6.0 Microsoft Internet Explorer 6 SP2 and earlier allows remote attackers to cause a denial of service (crash) via certain malformed HTML, possibly involving applet and base tags without required arguments, which triggers a null pointer dereference in mshtml.dll. | 5.0 |
2007-02-23 | CVE-2007-0843 | Permissions, Privileges, and Access Controls vulnerability in Microsoft products The ReadDirectoryChangesW API function on Microsoft Windows 2000, XP, Server 2003, and Vista does not check permissions for child objects, which allows local users to bypass permissions by opening a directory with LIST (READ) access and using ReadDirectoryChangesW to monitor changes of files that do not have LIST permissions, which can be leveraged to determine filenames, access times, and other sensitive information. | 4.6 |