CVE-2007-5470
Microsoft Expression Media - Cleartext Password Exposure in Catalog IVC File
Title source: llmDescription
Microsoft Expression Media stores the catalog password in cleartext in the catalog IVC file, which allows local users to obtain sensitive information and gain access to the catalog by reading the IVC file.
References (4)
Core 4
Core References
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/27144
Vendor Advisory vendor-advisory
x_refsource_mskb
http://support.microsoft.com/kb/942109
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/25996
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://osvdb.org/38486
Scores
EPSS
0.0200
EPSS Percentile
78.4%
Details
CWE
CWE-200
CWE-310
Status
published
Products (1)
microsoft/expression_media
Published
Oct 16, 2007
Tracked Since
Feb 18, 2026