Lucene search

[email protected]CVE-2000-0663

HistoryOct 13, 2000 - 4:00 a.m.

CVE-2000-0663

2000-10-1304:00:00

[email protected]

web.nvd.nist.gov

cve-2000-0663

windows nt

windows 2000

shell path vulnerability

arbitrary command execution

4.6 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

7.2 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

12.7%

JSON

The registry entry for the Windows Shell executable (Explorer.exe) in Windows NT and Windows 2000 uses a relative path name, which allows local users to execute arbitrary commands by inserting a Trojan Horse named Explorer.exe into the %Systemdrive% directory, aka the “Relative Shell Path” vulnerability.

Affected configurations

NVD

Node

microsoftwindows_2000

microsoftwindows_ntMatch4.0

CPENameOperatorVersion
microsoft:windows_2000microsoft windows 2000eq*
microsoft:windows_ntmicrosoft windows nteq4.0

CPE	Name	Operator	Version
microsoft:windows_2000	microsoft windows 2000	eq	*
microsoft:windows_nt	microsoft windows nt	eq	4.0

References

www.microsoft.com/technet/support/kb.asp?ID=269049

www.securityfocus.com/bid/1507

docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-052

exchange.xforce.ibmcloud.com/vulnerabilities/5040

4.6 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

7.2 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

12.7%

JSON

Related for CVE-2000-0663

cvelist1 nessus1 nvd1