Vulnerability Description
Microsoft Expression Media stores the catalog password in cleartext in the catalog IVC file, which allows local users to obtain sensitive information and gain access to the catalog by reading the IVC file.
CVSS Score
2.1
LOW
AV:L/AC:L/Au:N/C:P/I:N/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Microsoft | Expression Media | All versions |
Related Weaknesses (CWE)
References
- http://osvdb.org/38486
- http://secunia.com/advisories/27144Vendor Advisory
- http://support.microsoft.com/kb/942109
- http://www.securityfocus.com/bid/25996
- http://osvdb.org/38486
- http://secunia.com/advisories/27144Vendor Advisory
- http://support.microsoft.com/kb/942109
- http://www.securityfocus.com/bid/25996
FAQ
What is CVE-2007-5470?
CVE-2007-5470 is a vulnerability with a CVSS score of 2.1 (LOW). Microsoft Expression Media stores the catalog password in cleartext in the catalog IVC file, which allows local users to obtain sensitive information and gain access to the catalog by reading the IVC ...
How severe is CVE-2007-5470?
CVE-2007-5470 has been rated LOW with a CVSS base score of 2.1/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2007-5470?
Check the references section above for vendor advisories and patch information. Affected products include: Microsoft Expression Media.