{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2002-10-31T00:00:00", "descriptions": [{"lang": "en", "value": "The system root folder of Microsoft Windows 2000 has default permissions of Everyone group with Full access (Everyone:F) and is in the search path when locating programs during login or application launch from the desktop, which could allow attackers to gain privileges as other users via Trojan horse programs."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2004-08-04T00:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "5415", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/5415"}, {"name": "MS02-064", "tags": ["vendor-advisory", "x_refsource_MS"], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-064"}, {"name": "win2k-partition-weak-permissions(9779)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/9779"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2002-1184", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The system root folder of Microsoft Windows 2000 has default permissions of Everyone group with Full access (Everyone:F) and is in the search path when locating programs during login or application launch from the desktop, which could allow attackers to gain privileges as other users via Trojan horse programs."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "5415", "refsource": "BID", "url": "http://www.securityfocus.com/bid/5415"}, {"name": "MS02-064", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-064"}, {"name": "win2k-partition-weak-permissions(9779)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/9779"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-08T03:19:27.520Z"}, "title": "CVE Program Container", "references": [{"name": "5415", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/5415"}, {"name": "MS02-064", "tags": ["vendor-advisory", "x_refsource_MS", "x_transferred"], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-064"}, {"name": "win2k-partition-weak-permissions(9779)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/9779"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2002-1184", "datePublished": "2004-09-01T04:00:00", "dateReserved": "2002-10-04T00:00:00", "dateUpdated": "2024-08-08T03:19:27.520Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows_2000:*:*:*:*:*:*:*:*", "matchCriteriaId": "4E545C63-FE9C-4CA1-AF0F-D999D84D2AFD", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp1:*:*:*:*:*:*", "matchCriteriaId": "294EBA01-147B-4DA0-937E-ACBB655EDE53", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "4E8B7346-F2AA-434C-A048-7463EC1BB117", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp3:*:*:*:*:*:*", "matchCriteriaId": "BE1A6107-DE00-4A1C-87FC-9E4015165B5B", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:*:enterprise_server:*:*:*:*:*", "matchCriteriaId": "237D7C18-C8D6-4FDB-A160-FA17DD46A55A", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:*:server:*:*:*:*:*", "matchCriteriaId": "7C5FCE82-1E2F-49B9-B504-8C03F2BCF296", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:*:workstation:*:*:*:*:*", "matchCriteriaId": "35346A7B-2CB5-446D-B0C3-1F21D71A746D", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp1:enterprise_server:*:*:*:*:*", "matchCriteriaId": "064F4E76-1B89-4FA5-97ED-64624285C014", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp1:server:*:*:*:*:*", "matchCriteriaId": "089A953C-8446-4E6F-B506-430C38DF37B1", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp1:workstation:*:*:*:*:*", "matchCriteriaId": "416F06DD-980E-4A54-822D-CBA499FD1F86", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp2:enterprise_server:*:*:*:*:*", "matchCriteriaId": "F66DC6FF-2B3D-4718-838F-9E055E89961F", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp2:server:*:*:*:*:*", "matchCriteriaId": "656AE014-AEEC-46E8-A696-61FEA7932F21", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp2:workstation:*:*:*:*:*", "matchCriteriaId": "A08D0EA1-DA1B-4C52-883A-3F156F032517", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp3:enterprise_server:*:*:*:*:*", "matchCriteriaId": "DA267420-56C5-4697-B0AA-52932F78B24B", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp3:server:*:*:*:*:*", "matchCriteriaId": "93BA426E-DD51-44AC-BE78-3164670FF9E1", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp3:workstation:*:*:*:*:*", "matchCriteriaId": "02BE9817-E1AE-4619-8302-CA7AA4167F48", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp4:enterprise_server:*:*:*:*:*", "matchCriteriaId": "363E3895-A19B-42EC-B479-765168DC0B17", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp4:server:*:*:*:*:*", "matchCriteriaId": "FBBBF25A-709B-4716-9894-AD82180091AD", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp4:workstation:*:*:*:*:*", "matchCriteriaId": "88B70B7A-5BCC-4626-AAC7-D1ACFF25D66E", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp5:enterprise_server:*:*:*:*:*", "matchCriteriaId": "81B7961D-151D-4773-80CB-CCD0456BFEAA", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp5:server:*:*:*:*:*", "matchCriteriaId": "82781A72-A34F-4668-9EE8-C203B04E3367", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp5:workstation:*:*:*:*:*", "matchCriteriaId": "12ED7363-6EEE-4688-A9B7-C5EB1107A7B4", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp6:enterprise_server:*:*:*:*:*", "matchCriteriaId": "B5CAF64E-98AA-4813-A2A2-5AC3387CF230", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp6:server:*:*:*:*:*", "matchCriteriaId": "BCDFDBBA-6C4F-472A-9F4F-461C424794E7", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp6:workstation:*:*:*:*:*", "matchCriteriaId": "EDDD8DA8-D074-4543-AEDF-F856B5567F21", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp6a:enterprise_server:*:*:*:*:*", "matchCriteriaId": "CA7BA525-6DB8-4444-934A-932AFED69816", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp6a:server:*:*:*:*:*", "matchCriteriaId": "90CFA69B-7814-4F97-A14D-D76310065CF3", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp6a:workstation:*:*:*:*:*", "matchCriteriaId": "AB6ADBAF-6EB0-4CFA-9D33-A814AC20484E", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "The system root folder of Microsoft Windows 2000 has default permissions of Everyone group with Full access (Everyone:F) and is in the search path when locating programs during login or application launch from the desktop, which could allow attackers to gain privileges as other users via Trojan horse programs."}, {"lang": "es", "value": "La carpeta ra\u00edz de sistema de Microsoft Windows 2000 tienen permisos por defecto de accesso total para todos los usuarios, y est\u00e1 en el camino de b\u00fasqueda cuando se localizan programas durante el inicio de sesi\u00f3n o el lanzamiento de aplicaciones desde el escritorio, lo que puede permitir a atacantes ganar privilegios de otros usuarios mediante programas tipo caballo de Troya."}], "id": "CVE-2002-1184", "lastModified": "2024-11-20T23:40:46.350", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.6, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": true, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2002-11-12T05:00:00.000", "references": [{"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/5415"}, {"source": "cve@mitre.org", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-064"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/9779"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/5415"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-064"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/9779"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}