Vulnerability Note VU#601073
Microsoft Windows Vista privilege escalation vulnerability
Microsoft Windows Vista contains a local privilege escalation vulnerability.
The Windows Advanced Local Procedure Call (ALPC) does not properly evaluate certain conditions in legacy reply paths.
Per Microsoft Security Bulletin MS07-066:
A local attacker may be able to gain elevated privileges.
Systems Affected (Learn More)
|Vendor||Status||Date Notified||Date Updated|
|Microsoft Corporation||Affected||-||11 Dec 2007|
CVSS Metrics (Learn More)
Microsoft credits Thomas Garnier of SkyRecon for reporting this vulnerability.
This document was written by Ryan Giobbi.
- CVE IDs: CVE-2007-5350
- Date Public: 11 Dec 2007
- Date First Published: 11 Dec 2007
- Date Last Updated: 11 Dec 2007
- Severity Metric: 6.35
- Document Revision: 5
If you have feedback, comments, or additional information about this vulnerability, please send us email.