CVE-2000-0650

Опубликовано: 11 июл. 2000

Источник: nvd

CVSS2: 2.1

EPSS Низкий

Описание

The default installation of VirusScan 4.5 and NetShield 4.5 has insecure permissions for the registry key that identifies the AutoUpgrade directory, which allows local users to execute arbitrary commands by replacing SETUP.EXE in that directory with a Trojan Horse.

Ссылки

http://www.ntbugtraq.com/default.asp?pid=36&sid=1&A2=ind0007&L=ntbugtraq&F=&S=&P=2753
Patch
Vendor Advisory
http://www.osvdb.org/1458
http://www.osvdb.org/4200
http://www.securityfocus.com/bid/1458
Patch
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/5177
http://www.ntbugtraq.com/default.asp?pid=36&sid=1&A2=ind0007&L=ntbugtraq&F=&S=&P=2753
Patch
Vendor Advisory
http://www.osvdb.org/1458
http://www.osvdb.org/4200
http://www.securityfocus.com/bid/1458
Patch
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/5177

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:network_associates:netshield:4.5:*:*:*:*:*:*:*

cpe:2.3:a:network_associates:virusscan:4.5:*:windows_nt:*:*:*:*:*

EPSS

Процентиль: 27%

0.00094

Низкий

2.1 Low

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-25pv-5r6h-55j6

github

почти 4 года назад