Lucene search

[email protected]CVE-2001-0015

HistoryMar 12, 2001 - 5:00 a.m.

CVE-2001-0015

2001-03-1205:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2001-0015

windows 2000

network dde

privilege escalation

wm_copydata

winlogon

system privileges

nvd

6.7 Medium

AI Score

Confidence

Low

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.0005 Low

EPSS

Percentile

16.1%

JSON

Network Dynamic Data Exchange (DDE) in Windows 2000 allows local users to gain SYSTEM privileges via a “WM_COPYDATA” message to an invisible window that is running with the privileges of the WINLOGON process.

CPENameOperatorVersion
microsoft:windows_2000microsoft windows 2000eq*

CPE	Name	Operator	Version
microsoft:windows_2000	microsoft windows 2000	eq	*

References

www.atstake.com/research/advisories/2001/a020501-1.txt

www.securityfocus.com/bid/2341

docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-007

exchange.xforce.ibmcloud.com/vulnerabilities/6062

6.7 Medium

AI Score

Confidence

Low

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.0005 Low

EPSS

Percentile

16.1%

JSON

Related for CVE-2001-0015

cert1