Lucene search

K
cve[email protected]CVE-2002-2401
HistoryOct 03, 2022 - 4:23 p.m.

CVE-2002-2401

2022-10-0316:23:50
CWE-264
web.nvd.nist.gov
22
cve-2002-2401
ntvdm.exe
windows 2000
windows nt
windows xp
16-bit executable files
permissions bypass

7.4 High

AI Score

Confidence

Low

3.6 Low

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:P/A:N

0.001 Low

EPSS

Percentile

31.0%

NT Virtual DOS Machine (NTVDM.EXE) in Windows 2000, NT and XP does not verify user execution permissions for 16-bit executable files, which allows local users to bypass the loader and execute arbitrary programs.

Affected configurations

NVD
Node
microsoftwindows_2000
OR
microsoftwindows_2000sp1
OR
microsoftwindows_2000sp2
OR
microsoftwindows_2000sp3
OR
microsoftwindows_ntMatch4.0
OR
microsoftwindows_ntMatch4.0workstation
OR
microsoftwindows_ntMatch4.0sp1enterprise
OR
microsoftwindows_ntMatch4.0sp1server
OR
microsoftwindows_ntMatch4.0sp1terminal_srv
OR
microsoftwindows_ntMatch4.0sp1workstation
OR
microsoftwindows_ntMatch4.0sp2enterprise
OR
microsoftwindows_ntMatch4.0sp2server
OR
microsoftwindows_ntMatch4.0sp2terminal_srv
OR
microsoftwindows_ntMatch4.0sp2workstation
OR
microsoftwindows_ntMatch4.0sp3enterprise
OR
microsoftwindows_ntMatch4.0sp3server
OR
microsoftwindows_ntMatch4.0sp3terminal_srv
OR
microsoftwindows_ntMatch4.0sp3workstation
OR
microsoftwindows_ntMatch4.0sp4enterprise
OR
microsoftwindows_ntMatch4.0sp4server
OR
microsoftwindows_ntMatch4.0sp4terminal_srv
OR
microsoftwindows_ntMatch4.0sp4workstation
OR
microsoftwindows_ntMatch4.0sp5enterprise
OR
microsoftwindows_ntMatch4.0sp5server
OR
microsoftwindows_ntMatch4.0sp5terminal_srv
OR
microsoftwindows_ntMatch4.0sp5workstation
OR
microsoftwindows_ntMatch4.0sp6enterprise
OR
microsoftwindows_ntMatch4.0sp6server
OR
microsoftwindows_ntMatch4.0sp6terminal_srv
OR
microsoftwindows_ntMatch4.0sp6workstation
OR
microsoftwindows_ntMatch4.0sp6aenterprise
OR
microsoftwindows_ntMatch4.0sp6aserver
OR
microsoftwindows_ntMatch4.0sp6aworkstation
OR
microsoftwindows_xphome
OR
microsoftwindows_xppro
OR
microsoftwindows_xpsp1home
OR
microsoftwindows_xpsp1pro

7.4 High

AI Score

Confidence

Low

3.6 Low

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:P/A:N

0.001 Low

EPSS

Percentile

31.0%

Related for CVE-2002-2401