CVE-2002-1184

Published Nov 12, 2002

Last updated 6 years ago

Overview

Description: The system root folder of Microsoft Windows 2000 has default permissions of Everyone group with Full access (Everyone:F) and is in the search path when locating programs during login or application launch from the desktop, which could allow attackers to gain privileges as other users via Trojan horse programs.
Source: cve@mitre.org
NVD status: Modified

Hype score: Not currently trending

Risk scores

CVSS 2.0

Type: Primary
Base score: 4.6
Impact score: 6.4
Exploitability score: 3.9
Vector string: AV:L/AC:L/Au:N/C:P/I:P/A:P

Weaknesses

nvd@nist.gov: NVD-CWE-Other

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:microsoft:windows_2000:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4E545C63-FE9C-4CA1-AF0F-D999D84D2AFD"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "294EBA01-147B-4DA0-937E-ACBB655EDE53"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4E8B7346-F2AA-434C-A048-7463EC1BB117"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BE1A6107-DE00-4A1C-87FC-9E4015165B5B"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:*:enterprise_server:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "237D7C18-C8D6-4FDB-A160-FA17DD46A55A"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:*:server:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7C5FCE82-1E2F-49B9-B504-8C03F2BCF296"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:*:workstation:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "35346A7B-2CB5-446D-B0C3-1F21D71A746D"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp1:enterprise_server:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "064F4E76-1B89-4FA5-97ED-64624285C014"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp1:server:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "089A953C-8446-4E6F-B506-430C38DF37B1"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp1:workstation:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "416F06DD-980E-4A54-822D-CBA499FD1F86"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp2:enterprise_server:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F66DC6FF-2B3D-4718-838F-9E055E89961F"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp2:server:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "656AE014-AEEC-46E8-A696-61FEA7932F21"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp2:workstation:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A08D0EA1-DA1B-4C52-883A-3F156F032517"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp3:enterprise_server:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DA267420-56C5-4697-B0AA-52932F78B24B"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp3:server:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "93BA426E-DD51-44AC-BE78-3164670FF9E1"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp3:workstation:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "02BE9817-E1AE-4619-8302-CA7AA4167F48"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp4:enterprise_server:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "363E3895-A19B-42EC-B479-765168DC0B17"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp4:server:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FBBBF25A-709B-4716-9894-AD82180091AD"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp4:workstation:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "88B70B7A-5BCC-4626-AAC7-D1ACFF25D66E"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp5:enterprise_server:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "81B7961D-151D-4773-80CB-CCD0456BFEAA"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp5:server:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "82781A72-A34F-4668-9EE8-C203B04E3367"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp5:workstation:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "12ED7363-6EEE-4688-A9B7-C5EB1107A7B4"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp6:enterprise_server:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B5CAF64E-98AA-4813-A2A2-5AC3387CF230"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp6:server:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BCDFDBBA-6C4F-472A-9F4F-461C424794E7"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp6:workstation:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EDDD8DA8-D074-4543-AEDF-F856B5567F21"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp6a:enterprise_server:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CA7BA525-6DB8-4444-934A-932AFED69816"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp6a:server:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "90CFA69B-7814-4F97-A14D-D76310065CF3"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp6a:workstation:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AB6ADBAF-6EB0-4CFA-9D33-A814AC20484E"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Social media

Risk scores

CVSS 2.0

Weaknesses

Configurations

References