Описание
Windows File Protection (WFP) in Windows 2000 and XP does not remove old security catalog .CAT files, which could allow local users to replace new files with vulnerable old files that have valid hash codes.
Ссылки
- Broken Link
- Broken Link
- Third Party AdvisoryVDB Entry
- Broken Link
- Broken Link
- Third Party AdvisoryVDB Entry
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:o:microsoft:windows_2000:*:*:*:*:datacenter_server:*:*:*
cpe:2.3:o:microsoft:windows_2000:*:*:*:*:professional:*:*:*
cpe:2.3:o:microsoft:windows_2000:*:*:*:*:server:*:*:*
cpe:2.3:o:microsoft:windows_2000:*:*:*:ja:server:*:*:*
cpe:2.3:o:microsoft:windows_2000:*:sp1:*:*:advanced_server:*:*:*
cpe:2.3:o:microsoft:windows_2000:*:sp1:*:*:datacenter_server:*:*:*
cpe:2.3:o:microsoft:windows_2000:*:sp1:*:*:professional:*:*:*
cpe:2.3:o:microsoft:windows_2000:*:sp1:*:*:server:*:*:*
cpe:2.3:o:microsoft:windows_2000:*:sp2:*:*:advanced_server:*:*:*
cpe:2.3:o:microsoft:windows_2000:*:sp2:*:*:datacenter_server:*:*:*
cpe:2.3:o:microsoft:windows_2000:*:sp2:*:*:professional:*:*:*
cpe:2.3:o:microsoft:windows_2000:*:sp2:*:*:server:*:*:*
cpe:2.3:o:microsoft:windows_2000:*:sp3:*:*:advanced_server:*:*:*
cpe:2.3:o:microsoft:windows_2000:*:sp3:*:*:datacenter_server:*:*:*
cpe:2.3:o:microsoft:windows_2000:*:sp3:*:*:professional:*:*:*
cpe:2.3:o:microsoft:windows_2000:*:sp3:*:*:server:*:*:*
cpe:2.3:o:microsoft:windows_xp:*:*:*:*:*:*:x64:*
cpe:2.3:o:microsoft:windows_xp:*:*:*:*:home:*:*:*
cpe:2.3:o:microsoft:windows_xp:*:gold:*:*:professional:*:*:*
cpe:2.3:o:microsoft:windows_xp:*:sp1:*:*:*:*:x64:*
cpe:2.3:o:microsoft:windows_xp:*:sp1:*:*:home:*:*:*
EPSS
Процентиль: 72%
0.00757
Низкий
2.1 Low
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
больше 3 лет назад
Windows File Protection (WFP) in Windows 2000 and XP does not remove old security catalog .CAT files, which could allow local users to replace new files with vulnerable old files that have valid hash codes.
EPSS
Процентиль: 72%
0.00757
Низкий
2.1 Low
CVSS2
Дефекты
NVD-CWE-Other