CVE-2002-1184 — Microsoft Windows NT vulnerability

3 documents3 sources

Severity

4.6MEDIUMNVD

EPSS

0.9%

top 24.56%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Microsoft Windows NT

Timeline

PublishedNov 12

Latest updateApr 30

Description

The system root folder of Microsoft Windows 2000 has default permissions of Everyone group with Full access (Everyone:F) and is in the search path when locating programs during login or application launch from the desktop, which could allow attackers to gain privileges as other users via Trojan horse programs.

CVSS vector

AV:L/AC:L/C:P/I:P/A:PExploitability: 3.9 | Impact: 6.4

Affected Packages1 packages

▶NVDmicrosoft/windows_nt4.0

🔴Vulnerability Details

GHSA

GHSA-396q-87hm-3pmr: The system root folder of Microsoft Windows 2000 has default permissions of Everyone group with Full access (Everyone:F) and is in the search path whe↗2022-04-30

▶

CVEList

CVE-2002-1184: The system root folder of Microsoft Windows 2000 has default permissions of Everyone group with Full access (Everyone:F) and is in the search path whe↗2004-09-01

▶