Lucene search

[email protected]CVE-2002-2132

HistoryOct 03, 2022 - 4:23 p.m.

CVE-2002-2132

2022-10-0316:23:49

[email protected]

web.nvd.nist.gov

cve-2002-2132

windows

file protection

wfp

windows 2000

windows xp

security catalog

.cat files

vulnerability

hash codes

6.8 Medium

AI Score

Confidence

Low

2.1 Low

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:L/Au:N/C:N/I:P/A:N

0.001 Low

EPSS

Percentile

25.0%

JSON

Windows File Protection (WFP) in Windows 2000 and XP does not remove old security catalog .CAT files, which could allow local users to replace new files with vulnerable old files that have valid hash codes.

Affected configurations

NVD

Node

microsoftwindows_2000datacenter_server

microsoftwindows_2000professional

microsoftwindows_2000server

microsoftwindows_2000jaserver

microsoftwindows_2000sp1advanced_server

microsoftwindows_2000sp1datacenter_server

microsoftwindows_2000sp1professional

microsoftwindows_2000sp1server

microsoftwindows_2000sp2advanced_server

microsoftwindows_2000sp2datacenter_server

microsoftwindows_2000sp2professional

microsoftwindows_2000sp2server

microsoftwindows_2000sp3advanced_server

microsoftwindows_2000sp3datacenter_server

microsoftwindows_2000sp3professional

microsoftwindows_2000sp3server

microsoftwindows_xpx64

microsoftwindows_xphome

microsoftwindows_xpgoldprofessional

microsoftwindows_xpsp1x64

microsoftwindows_xpsp1home

CPENameOperatorVersion
microsoft:windows_2000microsoft windows 2000eq*
microsoft:windows_xpmicrosoft windows xpeq*

CPE	Name	Operator	Version
microsoft:windows_2000	microsoft windows 2000	eq	*
microsoft:windows_xp	microsoft windows xp	eq	*

References

archives.neohapsis.com/archives/bugtraq/2002-12/0250.html

www.iss.net/security_center/static/10957.php

www.securityfocus.com/bid/6483

6.8 Medium

AI Score

Confidence

Low

2.1 Low

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:L/Au:N/C:N/I:P/A:N

0.001 Low

EPSS

Percentile

25.0%

JSON

Related for CVE-2002-2132

nvd1 cvelist1