Lucene search

[email protected]CVE-2002-1540

HistoryMar 31, 2003 - 5:00 a.m.

CVE-2002-1540

2003-03-3105:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

symantec

norton antivirus

corporate edition

cve-2002-1540

winhlp32

privilege escalation

6.9 Medium

AI Score

Confidence

Low

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

8.8%

JSON

The client for Symantec Norton AntiVirus Corporate Edition 7.5.x before 7.5.1 Build 62 and 7.6.x before 7.6.1 Build 35a runs winhlp32 with raised privileges, which allows local users to gain privileges by using certain features of winhlp32.

CPENameOperatorVersion
symantec:norton_antivirussymantec norton antiviruseqcorporate_7.51
symantec:norton_antivirussymantec norton antiviruseqcorporate_7.6
symantec:norton_antivirussymantec norton antiviruseqcorporate_7.5

CPE	Name	Operator	Version
symantec:norton_antivirus	symantec norton antivirus	eq	corporate_7.51
symantec:norton_antivirus	symantec norton antivirus	eq	corporate_7.6
symantec:norton_antivirus	symantec norton antivirus	eq	corporate_7.5

References

archives.neohapsis.com/archives/bugtraq/2002-10/0346.html

archives.neohapsis.com/archives/bugtraq/2002-10/0369.html

www.iss.net/security_center/static/10475.php

www.osvdb.org/6258

6.9 Medium

AI Score

Confidence

Low

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

8.8%

JSON

Related for CVE-2002-1540

jvn1 cve1