Lucene search

[email protected]CVE-2001-0015

HistoryMay 07, 2001 - 4:00 a.m.

CVE-2001-0015

2001-05-0704:00:00

[email protected]

web.nvd.nist.gov

cve-2001-0015

windows 2000

network dde

privilege escalation

wm_copydata

winlogon

system privileges

nvd

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

6.5 Medium

AI Score

Confidence

High

0.0005 Low

EPSS

Percentile

17.6%

JSON

Network Dynamic Data Exchange (DDE) in Windows 2000 allows local users to gain SYSTEM privileges via a “WM_COPYDATA” message to an invisible window that is running with the privileges of the WINLOGON process.

Affected configurations

NVD

Node

microsoftwindows_2000

CPENameOperatorVersion
microsoft:windows_2000microsoft windows 2000eq*

CPE	Name	Operator	Version
microsoft:windows_2000	microsoft windows 2000	eq	*

References

www.atstake.com/research/advisories/2001/a020501-1.txt

www.securityfocus.com/bid/2341

docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-007

exchange.xforce.ibmcloud.com/vulnerabilities/6062

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

6.5 Medium

AI Score

Confidence

High

0.0005 Low

EPSS

Percentile

17.6%

JSON

Related for CVE-2001-0015

nvd1 cvelist1 cert1