CVE-2007-0843

Published: Feb 23, 2007Modified: Apr 23, 2026

4.6

Vector

AV:L/AC:L/Au:N/C:P/I:P/A:P

Exploitability: 3.9 / Impact: 6.4

Source: NVD

Description

The ReadDirectoryChangesW API function on Microsoft Windows 2000, XP, Server 2003, and Vista does not check permissions for child objects, which allows local users to bypass permissions by opening a directory with LIST (READ) access and using ReadDirectoryChangesW to monitor changes of files that do not have LIST permissions, which can be leveraged to determine filenames, access times, and other sensitive information.

Affected (15)

Products: Microsoft: Windows 2000, Windows 2003 Server, Windows Vista, Windows Xp

4 products

Windows 2003 Server

Configuration A

15 vulnerable

Vulnerable Software	Affected Versions
Microsoft Windows 2000	All versions
Microsoft Windows 2003 Server	All versions
Microsoft Windows Vista	All versions
Microsoft Windows Xp	All versions
Microsoft Windows Xp	All versions
Microsoft Windows Xp	All versions
Microsoft Windows Xp	All versions
Microsoft Windows Xp	All versions
Microsoft Windows Xp	All versions
Microsoft Windows Xp	All versions
Microsoft Windows Xp	All versions
Microsoft Windows Xp	All versions
Microsoft Windows Xp	All versions
Microsoft Windows Xp	All versions
Microsoft Windows Xp	All versions

Related CWEs

References (22)

http://lists.grok.org.uk/pipermail/full-disclosure/2007-February/052613.html

Source: cve@mitre.org

http://osvdb.org/33474

Source: cve@mitre.org

http://packetstormsecurity.com/files/163755/Microsoft-Windows-Malicious-Software-Removal-Tool-Privilege-Escalation.html

Source: cve@mitre.org

http://secunia.com/advisories/24245

Source: cve@mitre.org

Vendor Advisory

http://securityreason.com/securityalert/2282

Source: cve@mitre.org

http://securityvulns.com/advisories/readdirectorychanges.asp

Source: cve@mitre.org

Vendor Advisory

http://www.securityfocus.com/archive/1/460887/100/0/threaded

Source: cve@mitre.org

http://www.securityfocus.com/archive/1/460899/100/0/threaded

Source: cve@mitre.org

http://www.securityfocus.com/bid/22664

Source: cve@mitre.org

Exploit

http://www.vupen.com/english/advisories/2007/0701

Source: cve@mitre.org

Vendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/32644

Source: cve@mitre.org

http://lists.grok.org.uk/pipermail/full-disclosure/2007-February/052613.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://osvdb.org/33474

Source: af854a3a-2127-422b-91ae-364da2661108

http://packetstormsecurity.com/files/163755/Microsoft-Windows-Malicious-Software-Removal-Tool-Privilege-Escalation.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/24245

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://securityreason.com/securityalert/2282

Source: af854a3a-2127-422b-91ae-364da2661108

http://securityvulns.com/advisories/readdirectorychanges.asp

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.securityfocus.com/archive/1/460887/100/0/threaded

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/archive/1/460899/100/0/threaded

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/22664

Source: af854a3a-2127-422b-91ae-364da2661108

Exploit

http://www.vupen.com/english/advisories/2007/0701

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/32644

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.