CVE-2002-1184

high

Description

The system root folder of Microsoft Windows 2000 has default permissions of Everyone group with Full access (Everyone:F) and is in the search path when locating programs during login or application launch from the desktop, which could allow attackers to gain privileges as other users via Trojan horse programs.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/9779

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-064

http://www.securityfocus.com/bid/5415

Details

Source: Mitre, NVD

Published: 2002-11-12

Updated: 2026-06-16

Risk Information

CVSS v2

Base Score: 4.6

Vector: CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P

Severity: Medium

CVSS v3

Base Score: 8.4

Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: High

EPSS

EPSS: 0.00398