CVE-2007-5470
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2007-5470
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Microsoft Expression Media stores the catalog password in cleartext in the catalog IVC file, which allows local users to obtain sensitive information and gain access to the catalog by reading the IVC file.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Microsoft Expression Media明文口令存储漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Expression Media是一款专业资源管理工具,用于对数字化资源直观地进行编目和组织,从而轻松进行检索和显示。 Expression Media对访问口令的存储访问存在漏洞,本地攻击者可能利用此漏洞非授权访问资源。 Microsoft用户可以向Expression Media的目录中添加口令,然后将目录保存为CatalogName.ivc文件。但任何用户都可以在基于Windows的计算机上使用记事本或在基于苹果的机器上使用文本编辑器打开CatalogName.ivc文件,检索到口令。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2007-5470
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2007-5470
请登录查看更多情报信息。
Same Patch Batch · n/a · 2007-10-16 · 16 CVEs total
| CVE-2007-4343 | IrfanView .PAL文件导入远程栈溢出漏洞 | |
| CVE-2007-5477 | djeyl.net WebMod Half-Life Dedicated 'auth.w' 跨站脚本攻击漏洞 | |
| CVE-2007-5478 | Nabh Stringbeans Portal project_name参数跨站脚本攻击漏洞 | |
| CVE-2007-5479 | Xcomputer 'Search.asp' EXPS参数跨站脚本攻击漏洞 | |
| CVE-2007-5480 | InnovaShop 多个跨站脚本攻击漏洞 | |
| CVE-2007-5481 | Distributed Checksum Clearinghouse SOCKS flood未明拒绝服务漏洞 | |
| CVE-2007-5482 | Sun StorEdge 3510 FC Array FTP远程拒绝服务漏洞 | |
| CVE-2007-5483 | IBM WebSphere Application Server Administrative Scripting Tools 未明攻击漏洞 | |
| CVE-2007-5484 | WWWISIS IsisScript 'wxis.exe/iah' 目录遍历漏洞 | |
| CVE-2007-5485 | KwsPHP MG2 Module 'index.php' SQL注入漏洞 | |
| CVE-2007-5486 | DotProject Companies模块权限许可和访问控制漏洞 | |
| CVE-2007-5487 | jetAudio M3U文件处理栈溢出漏洞 | |
| CVE-2007-5468 | Cisco CallManager和Openser SIP消息非授权呼叫漏洞 | |
| CVE-2007-5469 | Cisco CallManager和Openser SIP消息非授权呼叫漏洞 | |
| CVE-2007-5471 | SUSE Linux ISC BIND "named" GSS-TSIG请求远程拒绝服务漏洞 |
IV. Related Vulnerabilities
Same vendor: n/a
- CVE-2026-8741
EMQX QoS 2 PUBLISH Packet emqx_persistent_session_ds.erl rac - CVE-2026-8731
Open5GS NRF client.c ogs_sbi_client_add denial of service - CVE-2026-8730
Open5GS NRF context.c ogs_sbi_nf_instance_set_id denial of s - CVE-2026-8729
Open5GS NRF message.c denial of service - CVE-2026-8728
Open5GS NRF conv.c ogs_sbi_discovery_option_parse_plmn_list
V. Comments for CVE-2007-5470
No comments yet