CVE-2002-1932

medium

Description

Microsoft Windows XP and Windows 2000, when configured to send administrative alerts and the "Do not overwrite events (clear log manually)" option is set, does not notify the administrator when the log reaches its maximum size, which allows local users and remote attackers to avoid detection.

References

http://www.securityfocus.com/bid/5972

http://www.iss.net/security_center/static/10377.php

http://support.microsoft.com/default.aspx?scid=kb%3B%5BLN%5D%3B329350

http://online.securityfocus.com/archive/1/295341

Details

Source: Mitre, NVD

Published: 2002-12-31

Updated: 2026-06-16

Risk Information

CVSS v2

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Severity: High

CVSS v3

Base Score: 5.5

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

Severity: Medium

EPSS

EPSS: 0.12785