NVD

Id
53711  
Name
CVE-2007-1527  
Description
The LLTD Mapper in Microsoft Windows Vista does not verify that an IP address in a TLV type 0x07 field in a HELLO packet corresponds to a valid IP address for the local network, which allows remote attackers to trick users into communicating with an external host by sending a HELLO packet with the MW characteristic and a spoofed TLV type 0x07 field, aka the "Spoof and Management URL IP Redirect" attack.  
Reject
 
CVSS Version
2  
CVSS Score
5  
Severity
Medium  
CVSS Base Score
5  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
10  
CVSS Vector
(AV:N/AC:L/Au:N/C:N/I:P/A:N)  
Pub Date
2017-01-07  
Published
2007-03-20  
Modified Date
2008-11-13  
Seq
2007-1527  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
272142 53711 CVE-2007-1527 20070313 New report on Windows Vista network attack surface  View
272143 53711 CVE-2007-1527 20070403 Nine Vista CVEs, including Microsoft inaccurate Teredo use case documentation  View
272144 53711 CVE-2007-1527 23279  View
272145 53711 CVE-2007-1527 http://www.symantec.com/avcenter/reference/Vista_Network_Attack_Surface_RTM.pdf  View
272146 53711 CVE-2007-1527 http://www.symantec.com/enterprise/security_response/weblog/2007/04/microsofts_inaccurate_teredo_d.html  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
54846 JVNDB-2007-003538 Microsoft Windows Vista の LLTD Mapper におけるローカルユーザが外部ホストと通信する脆弱性 Microsoft Windows Vista の LLTD Mapper は、ローカルネットワークでは、TLV タイプの 0x07 フィールド内の IP アドレスが有効な IP アドレスに対応しているか検証しないため、ローカルユーザが外部ホストと通信する脆弱性が存在します。 CVE-2007-1527 24882 CVE-2007-1527 53711 5 http://jvndb.jvn.jp/ja/contents/2007/JVNDB-2007-003538.html 2007-03-20 2012-09-25 View