Unrated severityNVD Advisory· Published Nov 20, 2007· Updated Apr 23, 2026

CVE-2007-6043

Description

The CryptGenRandom function in Microsoft Windows 2000 generates predictable values, which makes it easier for context-dependent attackers to reduce the effectiveness of cryptographic mechanisms, as demonstrated by attacks on (1) forward security and (2) backward security, related to use of eight instances of the RC4 cipher, and possibly a related issue to CVE-2007-3898.

Affected products

Microsoft/Windows 2000
cpe:2.3:o:microsoft:windows_2000:*:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

eprint.iacr.org/2007/419.pdfnvd
www.computerworld.com.au/index.php/id%3B1165210682%3Bfp%3B2%3Bfpid%3B1nvd
www.securityfocus.com/bid/26495nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.016
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000