CVE-2006-7037 - Vulnerability Details

Vendors	Products
Mathsoft	Mathcad
Microsoft	Windows 2000 Windows 2003 Server Windows 95 Windows 98 Windows 98se Windows Me Windows Nt Windows Xp

Link	Providers
http://securityreason.com/securityalert/2305
http://www.securityfocus.com/archive/1/436441/30/4560/threaded
https://exchange.xforce.ibmcloud.com/vulnerabilities/27115
https://exchange.xforce.ibmcloud.com/vulnerabilities/27116
https://exchange.xforce.ibmcloud.com/vulnerabilities/27117
https://exchange.xforce.ibmcloud.com/vulnerabilities/27118

Show plain JSON

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2006-06-08T00:00:00", "descriptions": [{"lang": "en", "value": "Mathcad 12 through 13.1 allows local users to bypass the security features by directly accessing or editing the XML representation of the worksheet with a text editor or other program, which allows attackers to (1) bypass password protection by replacing the password field with a hash of a known password, (2) modify timestamps to avoid detection of modifications, (3) remove locks by removing the \"is-locked\" attribute, and (4) view locked data, which is stored in plaintext."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-16T14:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "mathcad-locked-area-security-bypass(27118)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27118"}, {"name": "2305", "tags": ["third-party-advisory", "x_refsource_SREASON"], "url": "http://securityreason.com/securityalert/2305"}, {"name": "mathcad-timestamp-security-bypass(27116)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27116"}, {"name": "mathcad-area-password-security-bypass(27115)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27115"}, {"name": "20060608 Mathcad Area Lock Vulnerability", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/436441/30/4560/threaded"}, {"name": "mathcad-islocked-security-bypass(27117)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27117"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2006-7037", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Mathcad 12 through 13.1 allows local users to bypass the security features by directly accessing or editing the XML representation of the worksheet with a text editor or other program, which allows attackers to (1) bypass password protection by replacing the password field with a hash of a known password, (2) modify timestamps to avoid detection of modifications, (3) remove locks by removing the \"is-locked\" attribute, and (4) view locked data, which is stored in plaintext."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "mathcad-locked-area-security-bypass(27118)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27118"}, {"name": "2305", "refsource": "SREASON", "url": "http://securityreason.com/securityalert/2305"}, {"name": "mathcad-timestamp-security-bypass(27116)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27116"}, {"name": "mathcad-area-password-security-bypass(27115)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27115"}, {"name": "20060608 Mathcad Area Lock Vulnerability", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/436441/30/4560/threaded"}, {"name": "mathcad-islocked-security-bypass(27117)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27117"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T20:50:05.591Z"}, "title": "CVE Program Container", "references": [{"name": "mathcad-locked-area-security-bypass(27118)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27118"}, {"name": "2305", "tags": ["third-party-advisory", "x_refsource_SREASON", "x_transferred"], "url": "http://securityreason.com/securityalert/2305"}, {"name": "mathcad-timestamp-security-bypass(27116)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27116"}, {"name": "mathcad-area-password-security-bypass(27115)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27115"}, {"name": "20060608 Mathcad Area Lock Vulnerability", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/436441/30/4560/threaded"}, {"name": "mathcad-islocked-security-bypass(27117)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27117"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2006-7037", "datePublished": "2007-02-23T01:00:00", "dateReserved": "2007-02-22T00:00:00", "dateUpdated": "2024-08-07T20:50:05.591Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{

containers : { »

cna : { »

affected : [ »

0 : { »

product : n/a (string)

vendor : n/a (string)

versions : [ »

0 : { »

status : affected (string)

version : n/a (string)

}

]

}

]

datePublic : 2006-06-08T00:00:00 (string)

descriptions : [ »

0 : { »

lang : en (string)

value : Mathcad 12 through 13.1 allows local users to bypass the security features by directly accessing or editing the XML representation of the worksheet with a text editor or other program, which allows attackers to (1) bypass password protection by replacing the password field with a hash of a known password, (2) modify timestamps to avoid detection of modifications, (3) remove locks by removing the "is-locked" attribute, and (4) view locked data, which is stored in plaintext. (string)

}

]

problemTypes : [ »

0 : { »

descriptions : [ »

0 : { »

description : n/a (string)

lang : en (string)

type : text (string)

}

]

}

]

providerMetadata : { »

dateUpdated : 2018-10-16T14:57:01 (string)

orgId : 8254265b-2729-46b6-b9e3-3dfca2d5bfca (string)

shortName : mitre (string)

}

references : [ »

0 : { »

name : mathcad-locked-area-security-bypass(27118) (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_XF (string)

]

url : https://exchange.xforce.ibmcloud.com/vulnerabilities/27118 (string)

}

1 : { »

name : 2305 (string)

tags : [ »

0 : third-party-advisory (string)

1 : x_refsource_SREASON (string)

]

url : http://securityreason.com/securityalert/2305 (string)

}

2 : { »

name : mathcad-timestamp-security-bypass(27116) (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_XF (string)

]

url : https://exchange.xforce.ibmcloud.com/vulnerabilities/27116 (string)

}

3 : { »

name : mathcad-area-password-security-bypass(27115) (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_XF (string)

]

url : https://exchange.xforce.ibmcloud.com/vulnerabilities/27115 (string)

}

4 : { »

name : 20060608 Mathcad Area Lock Vulnerability (string)

tags : [ »

0 : mailing-list (string)

1 : x_refsource_BUGTRAQ (string)

]

url : http://www.securityfocus.com/archive/1/436441/30/4560/threaded (string)

}

5 : { »

name : mathcad-islocked-security-bypass(27117) (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_XF (string)

]

url : https://exchange.xforce.ibmcloud.com/vulnerabilities/27117 (string)

}

]

x_legacyV4Record : { »

CVE_data_meta : { »

ASSIGNER : cve@mitre.org (string)

ID : CVE-2006-7037 (string)

STATE : PUBLIC (string)

}

affects : { »

vendor : { »

vendor_data : [ »

0 : { »

product : { »

product_data : [ »

0 : { »

product_name : n/a (string)

version : { »

version_data : [ »

0 : { »

version_value : n/a (string)

}

]

}

]

}

vendor_name : n/a (string)

}

]

}

data_format : MITRE (string)

data_type : CVE (string)

data_version : 4.0 (string)

description : { »

description_data : [ »

0 : { »

lang : eng (string)

value : Mathcad 12 through 13.1 allows local users to bypass the security features by directly accessing or editing the XML representation of the worksheet with a text editor or other program, which allows attackers to (1) bypass password protection by replacing the password field with a hash of a known password, (2) modify timestamps to avoid detection of modifications, (3) remove locks by removing the "is-locked" attribute, and (4) view locked data, which is stored in plaintext. (string)

}

]

}

problemtype : { »

problemtype_data : [ »

0 : { »

description : [ »

0 : { »

lang : eng (string)

value : n/a (string)

}

]

}

]

}

references : { »

reference_data : [ »

0 : { »

name : mathcad-locked-area-security-bypass(27118) (string)

refsource : XF (string)

url : https://exchange.xforce.ibmcloud.com/vulnerabilities/27118 (string)

}

1 : { »

name : 2305 (string)

refsource : SREASON (string)

url : http://securityreason.com/securityalert/2305 (string)

}

2 : { »

name : mathcad-timestamp-security-bypass(27116) (string)

refsource : XF (string)

url : https://exchange.xforce.ibmcloud.com/vulnerabilities/27116 (string)

}

3 : { »

name : mathcad-area-password-security-bypass(27115) (string)

refsource : XF (string)

url : https://exchange.xforce.ibmcloud.com/vulnerabilities/27115 (string)

}

4 : { »

name : 20060608 Mathcad Area Lock Vulnerability (string)

refsource : BUGTRAQ (string)

url : http://www.securityfocus.com/archive/1/436441/30/4560/threaded (string)

}

5 : { »

name : mathcad-islocked-security-bypass(27117) (string)

refsource : XF (string)

url : https://exchange.xforce.ibmcloud.com/vulnerabilities/27117 (string)

}

]

}

adp : [ »

0 : { »

providerMetadata : { »

orgId : af854a3a-2127-422b-91ae-364da2661108 (string)

shortName : CVE (string)

dateUpdated : 2024-08-07T20:50:05.591Z (string)

}

title : CVE Program Container (string)

references : [ »

0 : { »

name : mathcad-locked-area-security-bypass(27118) (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_XF (string)

2 : x_transferred (string)

]

url : https://exchange.xforce.ibmcloud.com/vulnerabilities/27118 (string)

}

1 : { »

name : 2305 (string)

tags : [ »

0 : third-party-advisory (string)

1 : x_refsource_SREASON (string)

2 : x_transferred (string)

]

url : http://securityreason.com/securityalert/2305 (string)

}

2 : { »

name : mathcad-timestamp-security-bypass(27116) (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_XF (string)

2 : x_transferred (string)

]

url : https://exchange.xforce.ibmcloud.com/vulnerabilities/27116 (string)

}

3 : { »

name : mathcad-area-password-security-bypass(27115) (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_XF (string)

2 : x_transferred (string)

]

url : https://exchange.xforce.ibmcloud.com/vulnerabilities/27115 (string)

}

4 : { »

name : 20060608 Mathcad Area Lock Vulnerability (string)

tags : [ »

0 : mailing-list (string)

1 : x_refsource_BUGTRAQ (string)

2 : x_transferred (string)

]

url : http://www.securityfocus.com/archive/1/436441/30/4560/threaded (string)

}

5 : { »

name : mathcad-islocked-security-bypass(27117) (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_XF (string)

2 : x_transferred (string)

]

url : https://exchange.xforce.ibmcloud.com/vulnerabilities/27117 (string)

}

]

}

]

}

cveMetadata : { »

assignerOrgId : 8254265b-2729-46b6-b9e3-3dfca2d5bfca (string)

assignerShortName : mitre (string)

cveId : CVE-2006-7037 (string)

datePublished : 2007-02-23T01:00:00 (string)

dateReserved : 2007-02-22T00:00:00 (string)

dateUpdated : 2024-08-07T20:50:05.591Z (string)

state : PUBLISHED (string)

}

dataType : CVE_RECORD (string)

dataVersion : 5.1 (string)

}

Show plain JSON

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows_2000:*:*:*:*:*:*:*:*", "matchCriteriaId": "4E545C63-FE9C-4CA1-AF0F-D999D84D2AFD", "vulnerable": false}, {"criteria": "cpe:2.3:o:microsoft:windows_2003_server:sp2:*:*:*:*:*:*:*", "matchCriteriaId": "377F7D0C-6B44-4B90-BF90-DAF959880C6D", "vulnerable": false}, {"criteria": "cpe:2.3:o:microsoft:windows_95:*:*:*:*:*:*:*:*", "matchCriteriaId": "82F7322B-8022-4D0B-ADB3-D0F5B6F20309", "vulnerable": false}, {"criteria": "cpe:2.3:o:microsoft:windows_98:*:gold:*:*:*:*:*:*", "matchCriteriaId": "2D3B703C-79B2-4FA2-9E12-713AB977A880", "vulnerable": false}, {"criteria": "cpe:2.3:o:microsoft:windows_98se:*:*:*:*:*:*:*:*", "matchCriteriaId": "AA733AD2-D948-46A0-A063-D29081A56F1F", "vulnerable": false}, {"criteria": "cpe:2.3:o:microsoft:windows_me:*:*:*:*:*:*:*:*", "matchCriteriaId": "799DA395-C7F8-477C-8BC7-5B4B88FB7503", "vulnerable": false}, {"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "E53CDA8E-50A8-4509-B070-CCA5604FFB21", "vulnerable": false}, {"criteria": "cpe:2.3:o:microsoft:windows_xp:*:gold:*:*:*:*:*:*", "matchCriteriaId": "580B0C9B-DD85-40FA-9D37-BAC0C96D57FC", "vulnerable": false}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:a:mathsoft:mathcad:12:*:*:*:*:*:*:*", "matchCriteriaId": "E883B002-F6E7-4EBC-B2B2-18E696F59EB5", "vulnerable": true}, {"criteria": "cpe:2.3:a:mathsoft:mathcad:13:*:*:*:*:*:*:*", "matchCriteriaId": "E396304A-203C-4C4D-AD9B-CF29DB396450", "vulnerable": true}, {"criteria": "cpe:2.3:a:mathsoft:mathcad:13.1:*:*:*:*:*:*:*", "matchCriteriaId": "CB9AF7A0-4346-4C6A-AD50-9515D32B537C", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Mathcad 12 through 13.1 allows local users to bypass the security features by directly accessing or editing the XML representation of the worksheet with a text editor or other program, which allows attackers to (1) bypass password protection by replacing the password field with a hash of a known password, (2) modify timestamps to avoid detection of modifications, (3) remove locks by removing the \"is-locked\" attribute, and (4) view locked data, which is stored in plaintext."}, {"lang": "es", "value": "Mathcad versiones 12 hasta 13.1, permite a usuarios locales omitir las funcionalidades de seguridad accediendo o editando directamente la representaci\u00f3n XML de la hoja de trabajo con un editor de texto u otro programa, que permite a atacantes (1) omitir la protecci\u00f3n con contrase\u00f1a reemplazando el campo password con un hash de una contrase\u00f1a conocida, (2) modificar las marcas de tiempo para evitar la detecci\u00f3n de modificaciones, (3) eliminar bloqueos eliminando el atributo \"is-locked\", y (4) visualizar datos bloqueados, que se almacenan en texto plano."}], "id": "CVE-2006-7037", "lastModified": "2025-04-09T00:30:58.490", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.4, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 3.4, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": true, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2007-02-23T03:28:00.000", "references": [{"source": "cve@mitre.org", "url": "http://securityreason.com/securityalert/2305"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/436441/30/4560/threaded"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27115"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27116"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27117"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27118"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securityreason.com/securityalert/2305"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/436441/30/4560/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27115"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27116"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27117"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27118"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{

configurations : [ »

0 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:o:microsoft:windows_2000:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 4E545C63-FE9C-4CA1-AF0F-D999D84D2AFD (string)

vulnerable : false (boolean)

}

1 : { »

criteria : cpe:2.3:o:microsoft:windows_2003_server:sp2:*:*:*:*:*:*:* (string)

matchCriteriaId : 377F7D0C-6B44-4B90-BF90-DAF959880C6D (string)

vulnerable : false (boolean)

}

2 : { »

criteria : cpe:2.3:o:microsoft:windows_95:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 82F7322B-8022-4D0B-ADB3-D0F5B6F20309 (string)

vulnerable : false (boolean)

}

3 : { »

criteria : cpe:2.3:o:microsoft:windows_98:*:gold:*:*:*:*:*:* (string)

matchCriteriaId : 2D3B703C-79B2-4FA2-9E12-713AB977A880 (string)

vulnerable : false (boolean)

}

4 : { »

criteria : cpe:2.3:o:microsoft:windows_98se:*:*:*:*:*:*:*:* (string)

matchCriteriaId : AA733AD2-D948-46A0-A063-D29081A56F1F (string)

vulnerable : false (boolean)

}

5 : { »

criteria : cpe:2.3:o:microsoft:windows_me:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 799DA395-C7F8-477C-8BC7-5B4B88FB7503 (string)

vulnerable : false (boolean)

}

6 : { »

criteria : cpe:2.3:o:microsoft:windows_nt:4.0:*:*:*:*:*:*:* (string)

matchCriteriaId : E53CDA8E-50A8-4509-B070-CCA5604FFB21 (string)

vulnerable : false (boolean)

}

7 : { »

criteria : cpe:2.3:o:microsoft:windows_xp:*:gold:*:*:*:*:*:* (string)

matchCriteriaId : 580B0C9B-DD85-40FA-9D37-BAC0C96D57FC (string)

vulnerable : false (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

1 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:a:mathsoft:mathcad:12:*:*:*:*:*:*:* (string)

matchCriteriaId : E883B002-F6E7-4EBC-B2B2-18E696F59EB5 (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:a:mathsoft:mathcad:13:*:*:*:*:*:*:* (string)

matchCriteriaId : E396304A-203C-4C4D-AD9B-CF29DB396450 (string)

vulnerable : true (boolean)

}

2 : { »

criteria : cpe:2.3:a:mathsoft:mathcad:13.1:*:*:*:*:*:*:* (string)

matchCriteriaId : CB9AF7A0-4346-4C6A-AD50-9515D32B537C (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

operator : AND (string)

}

]

cveTags : [ *empty* ]

descriptions : [ »

0 : { »

lang : en (string)

value : Mathcad 12 through 13.1 allows local users to bypass the security features by directly accessing or editing the XML representation of the worksheet with a text editor or other program, which allows attackers to (1) bypass password protection by replacing the password field with a hash of a known password, (2) modify timestamps to avoid detection of modifications, (3) remove locks by removing the "is-locked" attribute, and (4) view locked data, which is stored in plaintext. (string)

}

1 : { »

lang : es (string)

value : Mathcad versiones 12 hasta 13.1, permite a usuarios locales omitir las funcionalidades de seguridad accediendo o editando directamente la representación XML de la hoja de trabajo con un editor de texto u otro programa, que permite a atacantes (1) omitir la protección con contraseña reemplazando el campo password con un hash de una contraseña conocida, (2) modificar las marcas de tiempo para evitar la detección de modificaciones, (3) eliminar bloqueos eliminando el atributo "is-locked", y (4) visualizar datos bloqueados, que se almacenan en texto plano. (string)

}

]

id : CVE-2006-7037 (string)

lastModified : 2025-04-09T00:30:58.490 (string)

metrics : { »

cvssMetricV2 : [ »

0 : { »

acInsufInfo : false (boolean)

baseSeverity : MEDIUM (string)

cvssData : { »

accessComplexity : MEDIUM (string)

accessVector : LOCAL (string)

authentication : NONE (string)

availabilityImpact : PARTIAL (string)

baseScore : 4.4 (number)

confidentialityImpact : PARTIAL (string)

integrityImpact : PARTIAL (string)

vectorString : AV:L/AC:M/Au:N/C:P/I:P/A:P (string)

version : 2.0 (string)

}

exploitabilityScore : 3.4 (number)

impactScore : 6.4 (number)

obtainAllPrivilege : false (boolean)

obtainOtherPrivilege : true (boolean)

obtainUserPrivilege : false (boolean)

source : nvd@nist.gov (string)

type : Primary (string)

userInteractionRequired : false (boolean)

}

]

}

published : 2007-02-23T03:28:00.000 (string)

references : [ »

0 : { »