CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:L/AC:L/Au:N/C:N/I:P/A:N
AI Score
Confidence
Low
EPSS
Percentile
37.8%
Windows File Protection (WFP) in Windows 2000 and XP does not remove old security catalog .CAT files, which could allow local users to replace new files with vulnerable old files that have valid hash codes.
Vendor | Product | Version | CPE |
---|---|---|---|
microsoft | windows_2000 | * | cpe:2.3:o:microsoft:windows_2000:*:*:*:*:datacenter_server:*:*:* |
microsoft | windows_2000 | * | cpe:2.3:o:microsoft:windows_2000:*:*:*:*:professional:*:*:* |
microsoft | windows_2000 | * | cpe:2.3:o:microsoft:windows_2000:*:*:*:*:server:*:*:* |
microsoft | windows_2000 | * | cpe:2.3:o:microsoft:windows_2000:*:*:*:ja:server:*:*:* |
microsoft | windows_2000 | * | cpe:2.3:o:microsoft:windows_2000:*:sp1:*:*:advanced_server:*:*:* |
microsoft | windows_2000 | * | cpe:2.3:o:microsoft:windows_2000:*:sp1:*:*:datacenter_server:*:*:* |
microsoft | windows_2000 | * | cpe:2.3:o:microsoft:windows_2000:*:sp1:*:*:professional:*:*:* |
microsoft | windows_2000 | * | cpe:2.3:o:microsoft:windows_2000:*:sp1:*:*:server:*:*:* |
microsoft | windows_2000 | * | cpe:2.3:o:microsoft:windows_2000:*:sp2:*:*:advanced_server:*:*:* |
microsoft | windows_2000 | * | cpe:2.3:o:microsoft:windows_2000:*:sp2:*:*:datacenter_server:*:*:* |