Details of VAR-200703-0031

ID

VAR-200703-0031

CVE

CVE-2007-1307

TITLE

IBM Lenovo ThinkPad Used on the system Lenovo Intel PRO/1000 LAN Vulnerability in adapter

Trust: 0.8

sources: JVNDB: JVNDB-2007-003470

DESCRIPTION

Unspecified vulnerability in Lenovo Intel PRO/1000 LAN adapter before Build 135400, as used on IBM Lenovo ThinkPad systems, has unknown impact and attack vectors. Currently, very little is known about this issue. This BID will be updated as more information becomes available. Versions prior to build 135400 are vulnerable. SOLUTION: Update to build 135400. http://www-307.ibm.com/pc/support/site.wss/license.do?filename=mobiles/7ira09ww.exe PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: Lenovo: http://www-307.ibm.com/pc/support/site.wss/document.do?sitestyle=lenovo&lndocid=MIGR-62922 ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Trust: 2.07

sources: NVD: CVE-2007-1307 // JVNDB: JVNDB-2007-003470 // BID: 22822 // VULHUB: VHN-24669 // PACKETSTORM: 54778

AFFECTED PRODUCTS

vendor:	lenovo	model:	thinkpad	scope:	eq	version:	x40	Trust: 1.6
vendor:	lenovo	model:	thinkpad	scope:	eq	version:	x60s	Trust: 1.6
vendor:	lenovo	model:	thinkpad	scope:	eq	version:	x60_tablet	Trust: 1.6
vendor:	lenovo	model:	thinkpad	scope:	eq	version:	t42	Trust: 1.6
vendor:	lenovo	model:	thinkpad	scope:	eq	version:	t42p	Trust: 1.6
vendor:	lenovo	model:	thinkpad	scope:	eq	version:	r50	Trust: 1.6
vendor:	lenovo	model:	thinkpad	scope:	eq	version:	x31	Trust: 1.6
vendor:	lenovo	model:	thinkpad	scope:	eq	version:	x32	Trust: 1.6
vendor:	lenovo	model:	thinkpad	scope:	eq	version:	x60	Trust: 1.6
vendor:	lenovo	model:	thinkpad	scope:	eq	version:	t60	Trust: 1.6
vendor:	intel	model:	pro 1000 lan adapter	scope:	eq	version:	135400	Trust: 1.0
vendor:	lenovo	model:	thinkpad	scope:	eq	version:	t41p	Trust: 1.0
vendor:	lenovo	model:	thinkpad	scope:	eq	version:	r51	Trust: 1.0
vendor:	lenovo	model:	thinkpad	scope:	eq	version:	t60p	Trust: 1.0
vendor:	lenovo	model:	thinkpad	scope:	eq	version:	t41	Trust: 1.0
vendor:	lenovo	model:	thinkpad	scope:	eq	version:	r50p	Trust: 1.0
vendor:	lenovo	model:	thinkpad	scope:	eq	version:	r50e	Trust: 1.0
vendor:	lenovo	model:	thinkpad	scope:	-	version:	-	Trust: 0.8
vendor:	intel	model:	pro 1000 lan adapter	scope:	eq	version:	build 135400	Trust: 0.8
vendor:	ibm	model:	intel pro/1000 lan adapter software	scope:	eq	version:	0	Trust: 0.3
vendor:	ibm	model:	intel pro/1000 lan adapter software build	scope:	ne	version:	135400	Trust: 0.3

sources: BID: 22822 // JVNDB: JVNDB-2007-003470 // CNNVD: CNNVD-200703-204 // NVD: CVE-2007-1307

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2007-1307
value:	HIGH
Trust: 1.0
NVD:	CVE-2007-1307
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-200703-204
value:	CRITICAL
Trust: 0.6
VULHUB:	VHN-24669
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2007-1307
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-24669
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-24669 // JVNDB: JVNDB-2007-003470 // CNNVD: CNNVD-200703-204 // NVD: CVE-2007-1307

PROBLEMTYPE DATA

problemtype:

NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2007-1307

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200703-204

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-200703-204

CONFIGURATIONS

sources: JVNDB: JVNDB-2007-003470

PATCH

title:	Top Page	url:	http://www.intel.co.jp/	Trust: 0.8
title:	LegacyDocID=MIGR-62922	url:	http://support.lenovo.com/en_US/detail.page?LegacyDocID=MIGR-62922	Trust: 0.8

sources: JVNDB: JVNDB-2007-003470

EXTERNAL IDS

db:	NVD	id:	CVE-2007-1307	Trust: 2.8
db:	BID	id:	22822	Trust: 2.0
db:	SECUNIA	id:	24349	Trust: 1.8
db:	VUPEN	id:	ADV-2007-0801	Trust: 1.7
db:	OSVDB	id:	33854	Trust: 1.7
db:	JVNDB	id:	JVNDB-2007-003470	Trust: 0.8
db:	CNNVD	id:	CNNVD-200703-204	Trust: 0.7
db:	VULHUB	id:	VHN-24669	Trust: 0.1
db:	PACKETSTORM	id:	54778	Trust: 0.1

sources: VULHUB: VHN-24669 // BID: 22822 // JVNDB: JVNDB-2007-003470 // PACKETSTORM: 54778 // CNNVD: CNNVD-200703-204 // NVD: CVE-2007-1307

REFERENCES

url:	http://www-307.ibm.com/pc/support/site.wss/document.do?sitestyle=lenovo&lndocid=migr-62922	Trust: 2.0
url:	http://www.securityfocus.com/bid/22822	Trust: 1.7
url:	http://osvdb.org/33854	Trust: 1.7
url:	http://secunia.com/advisories/24349	Trust: 1.7
url:	http://www.vupen.com/english/advisories/2007/0801	Trust: 1.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-1307	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2007-1307	Trust: 0.8
url:	http://www.frsirt.com/english/advisories/2007/0801	Trust: 0.6
url:	http://www-307.ibm.com/pc/support/site.wss/document.do?sitestyle=lenovo&lndocid=migr-62922	Trust: 0.1
url:	http://secunia.com/product/13599/	Trust: 0.1
url:	http://secunia.com/secunia_security_advisories/	Trust: 0.1
url:	http://www-307.ibm.com/pc/support/site.wss/license.do?filename=mobiles/7ira09ww.exe	Trust: 0.1
url:	http://secunia.com/disassembling_og_reversing/	Trust: 0.1
url:	http://secunia.com/advisories/24349/	Trust: 0.1
url:	http://secunia.com/secunia_vacancies/	Trust: 0.1
url:	http://secunia.com/hardcore_disassembler_and_reverse_engineer/	Trust: 0.1
url:	http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org	Trust: 0.1
url:	http://secunia.com/about_secunia_advisories/	Trust: 0.1

sources: VULHUB: VHN-24669 // BID: 22822 // JVNDB: JVNDB-2007-003470 // PACKETSTORM: 54778 // CNNVD: CNNVD-200703-204 // NVD: CVE-2007-1307

CREDITS

The vendor disclosed this issue.

Trust: 0.9

sources: BID: 22822 // CNNVD: CNNVD-200703-204

SOURCES

db:	VULHUB	id:	VHN-24669
db:	BID	id:	22822
db:	JVNDB	id:	JVNDB-2007-003470
db:	PACKETSTORM	id:	54778
db:	CNNVD	id:	CNNVD-200703-204
db:	NVD	id:	CVE-2007-1307

LAST UPDATE DATE

2024-11-23T23:00:21.274000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-24669	date:	2011-03-08T00:00:00
db:	BID	id:	22822	date:	2015-05-12T19:33:00
db:	JVNDB	id:	JVNDB-2007-003470	date:	2012-09-25T00:00:00
db:	CNNVD	id:	CNNVD-200703-204	date:	2007-03-07T00:00:00
db:	NVD	id:	CVE-2007-1307	date:	2024-11-21T00:28:00.617

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-24669	date:	2007-03-07T00:00:00
db:	BID	id:	22822	date:	2007-03-05T00:00:00
db:	JVNDB	id:	JVNDB-2007-003470	date:	2012-09-25T00:00:00
db:	PACKETSTORM	id:	54778	date:	2007-03-05T23:12:53
db:	CNNVD	id:	CNNVD-200703-204	date:	2007-03-06T00:00:00
db:	NVD	id:	CVE-2007-1307	date:	2007-03-07T00:19:00