CVE-2000-0650

high

Description

The default installation of VirusScan 4.5 and NetShield 4.5 has insecure permissions for the registry key that identifies the AutoUpgrade directory, which allows local users to execute arbitrary commands by replacing SETUP.EXE in that directory with a Trojan Horse.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/5177

http://www.securityfocus.com/bid/1458

http://www.osvdb.org/4200

http://www.osvdb.org/1458

http://www.ntbugtraq.com/default.asp?pid=36&sid=1&A2=ind0007&L=ntbugtraq&F=&S=&P=2753

Details

Source: Mitre, NVD

Published: 2000-07-11

Updated: 2026-06-16

Risk Information

CVSS v2

Base Score: 2.1

Vector: CVSS2#AV:L/AC:L/Au:N/C:N/I:P/A:N

Severity: Low

CVSS v3

Base Score: 7.8

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Severity: High

EPSS

EPSS: 0.00075