Lucene search

[email protected]CVE-2000-0650

HistoryMay 07, 2001 - 4:00 a.m.

CVE-2000-0650

2001-05-0704:00:00

[email protected]

web.nvd.nist.gov

cve-2000-0650

virusscan 4.5

netshield 4.5

insecure permissions

local user access

command execution

7.6 High

AI Score

Confidence

High

2.1 Low

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:L/Au:N/C:N/I:P/A:N

0.0004 Low

EPSS

Percentile

5.2%

JSON

The default installation of VirusScan 4.5 and NetShield 4.5 has insecure permissions for the registry key that identifies the AutoUpgrade directory, which allows local users to execute arbitrary commands by replacing SETUP.EXE in that directory with a Trojan Horse.

Affected configurations

NVD

Node

network_associatesnetshieldMatch4.5

network_associatesvirusscanMatch4.5windows_nt

CPENameOperatorVersion
network_associates:netshieldnetwork associates netshieldeq4.5
network_associates:virusscannetwork associates virusscaneq4.5

CPE	Name	Operator	Version
network_associates:netshield	network associates netshield	eq	4.5
network_associates:virusscan	network associates virusscan	eq	4.5

References

www.ntbugtraq.com/default.asp?pid=36&sid=1&A2=ind0007&L=ntbugtraq&F=&S=&P=2753

www.osvdb.org/1458

www.osvdb.org/4200

www.securityfocus.com/bid/1458

exchange.xforce.ibmcloud.com/vulnerabilities/5177

7.6 High

AI Score

Confidence

High

2.1 Low

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:L/Au:N/C:N/I:P/A:N

0.0004 Low

EPSS

Percentile

5.2%

JSON

Related for CVE-2000-0650

nvd1 cvelist1