10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
6.7 Medium
AI Score
Confidence
Low
0.524 Medium
EPSS
Percentile
97.6%
Hotfix to fix Flaw in Microsoft VM
could Allow Code Execution (810030)
# SPDX-FileCopyrightText: 2002 SECNAP Network Security, LLC
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.0.11177");
script_version("2023-08-01T13:29:10+0000");
script_tag(name:"last_modification", value:"2023-08-01 13:29:10 +0000 (Tue, 01 Aug 2023)");
script_tag(name:"creation_date", value:"2005-11-03 14:08:04 +0100 (Thu, 03 Nov 2005)");
script_tag(name:"cvss_base", value:"10.0");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:C/I:C/A:C");
script_xref(name:"IAVA", value:"2003-B-0002");
script_cve_id("CVE-2002-1257", "CVE-2002-1258", "CVE-2002-1183", "CVE-2002-0862");
script_name("Flaw in Microsoft VM Could Allow Code Execution (810030)");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2002 SECNAP Network Security, LLC");
script_family("Windows : Microsoft Bulletins");
script_dependencies("secpod_reg_enum.nasl", "smb_reg_service_pack.nasl");
script_mandatory_keys("SMB/registry_enumerated");
script_tag(name:"summary", value:"Hotfix to fix Flaw in Microsoft VM
could Allow Code Execution (810030)");
script_tag(name:"impact", value:"Three vulnerabilities, the most
serious of which could enable an attacker to gain complete
control over a user's system.");
script_tag(name:"affected", value:"Versions of the Microsoft virtual machine (Microsoft VM) are
identified by build numbers, which can be determined using the JVIEW tool as discussed in the FAQ.
All builds of the Microsoft VM up to and including build 5.0.3805 are affected by these
vulnerabilities.");
script_xref(name:"URL", value:"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-052");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/6371");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/6372");
script_xref(name:"URL", value:"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-069");
script_tag(name:"qod_type", value:"registry");
script_tag(name:"solution_type", value:"VendorFix");
script_tag(name:"solution", value:"The vendor has releases updates, please see the references for more information.");
exit(0);
}
include("secpod_reg.inc");
include("host_details.inc");
if ( hotfix_check_sp(xp:2, win2k:4) <= 0 ) exit(0);
version = get_kb_item ("SMB/Registry/HKLM/SOFTWARE/Microsoft/Active Setup/Installed Components/{08B0E5C0-4FCB-11CF-AAA5-00401C608500}/Version");
if (!version) exit(0);
# should be "5,00,3807,0";
v = split(version, sep:",", keep:FALSE);
if ( int(v[0]) < 5 ||
( int(v[0]) == 5 && int(v[1]) == 0 && int(v[2]) < 3809) )
{
if ( hotfix_missing(name:"810030") > 0 )
security_message(port:0);
}