Vulnerability Description
Microsoft Windows Vista establishes a Teredo address without user action upon connection to the Internet, contrary to documentation that Teredo is inactive without user action, which increases the attack surface and allows remote attackers to communicate via Teredo.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Microsoft | Windows Vista | All versions |
References
- http://osvdb.org/33667
- http://www.securityfocus.com/archive/1/462793/100/0/threaded
- http://www.securityfocus.com/archive/1/464617/100/0/threaded
- http://www.securityfocus.com/bid/23267
- http://www.symantec.com/avcenter/reference/Vista_Network_Attack_Surface_RTM.pdf
- http://www.symantec.com/enterprise/security_response/weblog/2007/04/microsofts_i
- http://osvdb.org/33667
- http://www.securityfocus.com/archive/1/462793/100/0/threaded
- http://www.securityfocus.com/archive/1/464617/100/0/threaded
- http://www.securityfocus.com/bid/23267
- http://www.symantec.com/avcenter/reference/Vista_Network_Attack_Surface_RTM.pdf
- http://www.symantec.com/enterprise/security_response/weblog/2007/04/microsofts_i
FAQ
What is CVE-2007-1535?
CVE-2007-1535 is a vulnerability with a CVSS score of 7.5 (HIGH). Microsoft Windows Vista establishes a Teredo address without user action upon connection to the Internet, contrary to documentation that Teredo is inactive without user action, which increases the att...
How severe is CVE-2007-1535?
CVE-2007-1535 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2007-1535?
Check the references section above for vendor advisories and patch information. Affected products include: Microsoft Windows Vista.