Lucene search

MitreCVE-2002-1762

HistoryJun 21, 2005 - 4:00 a.m.

CVE-2002-1762

2005-06-2104:00:00

mitre

web.nvd.nist.gov

microsoft baseline security analyzer

mbsa 1.0

cve-2002-1762

plaintext vulnerability

remote attackers

active content

activex

java

nvd

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

6.6

Confidence

Low

EPSS

0.004

Percentile

73.8%

JSON

Microsoft Baseline Security Analyzer (MBSA) 1.0 stores security scans in a known location C:\Documents and Settings\username\SecurityScans in plaintext, which could allow remote attackers to obtain sensitive information about the system via malicious active content such as ActiveX controls or Java.

Affected configurations

Nvd

Node

microsoftbaseline_security_analyzerMatch1.0

VendorProductVersionCPE
microsoftbaseline_security_analyzer1.0cpe:2.3:a:microsoft:baseline_security_analyzer:1.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
microsoft	baseline_security_analyzer	1.0	cpe:2.3:a:microsoft:baseline_security_analyzer:1.0:::::::*

References

online.securityfocus.com/archive/1/269408

www.securityfocus.com/bid/4594

exchange.xforce.ibmcloud.com/vulnerabilities/8947

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

6.6

Confidence

Low

EPSS

0.004

Percentile

73.8%

JSON

Related for CVE-2002-1762