CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:P/A:N
AI Score
Confidence
High
EPSS
Percentile
10.7%
NT Virtual DOS Machine (NTVDM.EXE) in Windows 2000, NT and XP does not verify user execution permissions for 16-bit executable files, which allows local users to bypass the loader and execute arbitrary programs.
Vendor | Product | Version | CPE |
---|---|---|---|
microsoft | windows_2000 | * | cpe:2.3:o:microsoft:windows_2000:*:*:*:*:*:*:*:* |
microsoft | windows_2000 | * | cpe:2.3:o:microsoft:windows_2000:*:sp1:*:*:*:*:*:* |
microsoft | windows_2000 | * | cpe:2.3:o:microsoft:windows_2000:*:sp2:*:*:*:*:*:* |
microsoft | windows_2000 | * | cpe:2.3:o:microsoft:windows_2000:*:sp3:*:*:*:*:*:* |
microsoft | windows_nt | 4.0 | cpe:2.3:o:microsoft:windows_nt:4.0:*:*:*:*:*:*:* |
microsoft | windows_nt | 4.0 | cpe:2.3:o:microsoft:windows_nt:4.0:*:workstation:*:*:*:*:* |
microsoft | windows_nt | 4.0 | cpe:2.3:o:microsoft:windows_nt:4.0:sp1:enterprise:*:*:*:*:* |
microsoft | windows_nt | 4.0 | cpe:2.3:o:microsoft:windows_nt:4.0:sp1:server:*:*:*:*:* |
microsoft | windows_nt | 4.0 | cpe:2.3:o:microsoft:windows_nt:4.0:sp1:terminal_srv:*:*:*:*:* |
microsoft | windows_nt | 4.0 | cpe:2.3:o:microsoft:windows_nt:4.0:sp1:workstation:*:*:*:*:* |