CVE-2007-5470

Microsoft Expression Media - Cleartext Password Exposure in Catalog IVC File

Title source: llm
STIX 2.1

Description

Microsoft Expression Media stores the catalog password in cleartext in the catalog IVC file, which allows local users to obtain sensitive information and gain access to the catalog by reading the IVC file.

References (4)

Core 4
Core References
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/27144
Vendor Advisory vendor-advisory x_refsource_mskb
http://support.microsoft.com/kb/942109
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/25996
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://osvdb.org/38486

Scores

EPSS 0.0200
EPSS Percentile 78.4%

Details

CWE
CWE-200 CWE-310
Status published
Products (1)
microsoft/expression_media
Published Oct 16, 2007
Tracked Since Feb 18, 2026