CVE-2002-0367 - Vulnerability Details - OpenCVE

smss.exe debugging subsystem in Windows NT and Windows 2000 does not properly authenticate programs that connect to other programs, which allows local users to gain administrator or SYSTEM privileges by duplicating a handle to a privileged process, as demonstrated by DebPloit.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

This CVE is in the KEV database since March 3, 2022.

Exploitation active

Automatable no

Technical Impact total

Vendors	Products
Microsoft	Windows 2000 Windows Nt

Configuration 1 [-]

OR	cpe:2.3:o:microsoft:windows_2000:-:::::::*
	cpe:2.3:o:microsoft:windows_nt:4.0:::::::*
	cpe:2.3:o:microsoft:windows_nt:4.0:-:::terminal_server:::*

No data.

References

Link	Providers
http://marc.info/?l=ntbugtraq&m=101614320402695&w=2
http://www.iss.net/security_center/static/8462.php
http://www.securityfocus.com/archive/1/262074
http://www.securityfocus.com/archive/1/264441
http://www.securityfocus.com/archive/1/264927
http://www.securityfocus.com/bid/4287
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-024
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A158
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A76

History

Fri, 07 Feb 2025 15:15:00 +0000

Type	Values Removed	Values Added
Weaknesses		CWE-269
Metrics		kev `{'dateAdded': '2022-03-03'}` ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'active', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2003-04-02T05:00:00.000Z

Updated: 2025-02-07T14:34:05.089Z

Reserved: 2002-05-08T00:00:00.000Z

Link: CVE-2002-0367

Vulnrichment

Updated: 2024-08-08T02:49:28.090Z

NVD

Status : Modified

Published: 2002-06-25T04:00:00.000

Modified: 2025-02-07T15:15:09.513

Link: CVE-2002-0367

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2002-03-14T00:00:00.000Z", "descriptions": [{"lang": "en", "value": "smss.exe debugging subsystem in Windows NT and Windows 2000 does not properly authenticate programs that connect to other programs, which allows local users to gain administrator or SYSTEM privileges by duplicating a handle to a privileged process, as demonstrated by DebPloit."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2002-06-11T09:00:00.000Z", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "20020326 Re: DebPloit (exploit)", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/264441"}, {"name": "20020314 DebPloit (exploit)", "tags": ["mailing-list", "x_refsource_NTBUGTRAQ"], "url": "http://marc.info/?l=ntbugtraq&m=101614320402695&w=2"}, {"name": "4287", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/4287"}, {"name": "MS02-024", "tags": ["vendor-advisory", "x_refsource_MS"], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-024"}, {"name": "20020327 Local Security Vulnerability in Windows NT and Windows 2000", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/264927"}, {"name": "oval:org.mitre.oval:def:76", "tags": ["vdb-entry", "signature", "x_refsource_OVAL"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A76"}, {"name": "20020314 Fwd: DebPloit (exploit)", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/262074"}, {"name": "win-debug-duplicate-handles(8462)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "http://www.iss.net/security_center/static/8462.php"}, {"name": "oval:org.mitre.oval:def:158", "tags": ["vdb-entry", "signature", "x_refsource_OVAL"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A158"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2002-0367", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "smss.exe debugging subsystem in Windows NT and Windows 2000 does not properly authenticate programs that connect to other programs, which allows local users to gain administrator or SYSTEM privileges by duplicating a handle to a privileged process, as demonstrated by DebPloit."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "20020326 Re: DebPloit (exploit)", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/264441"}, {"name": "20020314 DebPloit (exploit)", "refsource": "NTBUGTRAQ", "url": "http://marc.info/?l=ntbugtraq&m=101614320402695&w=2"}, {"name": "4287", "refsource": "BID", "url": "http://www.securityfocus.com/bid/4287"}, {"name": "MS02-024", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-024"}, {"name": "20020327 Local Security Vulnerability in Windows NT and Windows 2000", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/264927"}, {"name": "oval:org.mitre.oval:def:76", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A76"}, {"name": "20020314 Fwd: DebPloit (exploit)", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/262074"}, {"name": "win-debug-duplicate-handles(8462)", "refsource": "XF", "url": "http://www.iss.net/security_center/static/8462.php"}, {"name": "oval:org.mitre.oval:def:158", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A158"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-08T02:49:28.090Z"}, "title": "CVE Program Container", "references": [{"name": "20020326 Re: DebPloit (exploit)", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/264441"}, {"name": "20020314 DebPloit (exploit)", "tags": ["mailing-list", "x_refsource_NTBUGTRAQ", "x_transferred"], "url": "http://marc.info/?l=ntbugtraq&m=101614320402695&w=2"}, {"name": "4287", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/4287"}, {"name": "MS02-024", "tags": ["vendor-advisory", "x_refsource_MS", "x_transferred"], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-024"}, {"name": "20020327 Local Security Vulnerability in Windows NT and Windows 2000", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/264927"}, {"name": "oval:org.mitre.oval:def:76", "tags": ["vdb-entry", "signature", "x_refsource_OVAL", "x_transferred"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A76"}, {"name": "20020314 Fwd: DebPloit (exploit)", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/262074"}, {"name": "win-debug-duplicate-handles(8462)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "http://www.iss.net/security_center/static/8462.php"}, {"name": "oval:org.mitre.oval:def:158", "tags": ["vdb-entry", "signature", "x_refsource_OVAL", "x_transferred"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A158"}]}, {"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-269", "lang": "en", "description": "CWE-269 Improper Privilege Management"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2025-02-07T14:33:43.942338Z", "id": "CVE-2002-0367", "options": [{"Exploitation": "active"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}, {"other": {"type": "kev", "content": {"dateAdded": "2022-03-03", "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2002-0367"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-02-07T14:34:05.089Z"}}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2002-0367", "datePublished": "2003-04-02T05:00:00.000Z", "dateReserved": "2002-05-08T00:00:00.000Z", "dateUpdated": "2025-02-07T14:34:05.089Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "http://www.securityfocus.com/archive/1/264441", "name": "20020326 Re: DebPloit (exploit)", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"]}, {"url": "http://marc.info/?l=ntbugtraq&m=101614320402695&w=2", "name": "20020314 DebPloit (exploit)", "tags": ["mailing-list", "x_refsource_NTBUGTRAQ", "x_transferred"]}, {"url": "http://www.securityfocus.com/bid/4287", "name": "4287", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"]}, {"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-024", "name": "MS02-024", "tags": ["vendor-advisory", "x_refsource_MS", "x_transferred"]}, {"url": "http://www.securityfocus.com/archive/1/264927", "name": "20020327 Local Security Vulnerability in Windows NT and Windows 2000", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"]}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A76", "name": "oval:org.mitre.oval:def:76", "tags": ["vdb-entry", "signature", "x_refsource_OVAL", "x_transferred"]}, {"url": "http://www.securityfocus.com/archive/1/262074", "name": "20020314 Fwd: DebPloit (exploit)", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"]}, {"url": "http://www.iss.net/security_center/static/8462.php", "name": "win-debug-duplicate-handles(8462)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"]}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A158", "name": "oval:org.mitre.oval:def:158", "tags": ["vdb-entry", "signature", "x_refsource_OVAL", "x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-08T02:49:28.090Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2002-0367", "role": "CISA Coordinator", "options": [{"Exploitation": "active"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-02-07T14:33:43.942338Z"}}}, {"other": {"type": "kev", "content": {"dateAdded": "2022-03-03", "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2002-0367"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-269", "description": "CWE-269 Improper Privilege Management"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-02-07T14:33:33.461Z"}}], "cna": {"affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2002-03-14T00:00:00.000Z", "references": [{"url": "http://www.securityfocus.com/archive/1/264441", "name": "20020326 Re: DebPloit (exploit)", "tags": ["mailing-list", "x_refsource_BUGTRAQ"]}, {"url": "http://marc.info/?l=ntbugtraq&m=101614320402695&w=2", "name": "20020314 DebPloit (exploit)", "tags": ["mailing-list", "x_refsource_NTBUGTRAQ"]}, {"url": "http://www.securityfocus.com/bid/4287", "name": "4287", "tags": ["vdb-entry", "x_refsource_BID"]}, {"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-024", "name": "MS02-024", "tags": ["vendor-advisory", "x_refsource_MS"]}, {"url": "http://www.securityfocus.com/archive/1/264927", "name": "20020327 Local Security Vulnerability in Windows NT and Windows 2000", "tags": ["mailing-list", "x_refsource_BUGTRAQ"]}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A76", "name": "oval:org.mitre.oval:def:76", "tags": ["vdb-entry", "signature", "x_refsource_OVAL"]}, {"url": "http://www.securityfocus.com/archive/1/262074", "name": "20020314 Fwd: DebPloit (exploit)", "tags": ["mailing-list", "x_refsource_BUGTRAQ"]}, {"url": "http://www.iss.net/security_center/static/8462.php", "name": "win-debug-duplicate-handles(8462)", "tags": ["vdb-entry", "x_refsource_XF"]}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A158", "name": "oval:org.mitre.oval:def:158", "tags": ["vdb-entry", "signature", "x_refsource_OVAL"]}], "descriptions": [{"lang": "en", "value": "smss.exe debugging subsystem in Windows NT and Windows 2000 does not properly authenticate programs that connect to other programs, which allows local users to gain administrator or SYSTEM privileges by duplicating a handle to a privileged process, as demonstrated by DebPloit."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "text", "description": "n/a"}]}], "providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2002-06-11T09:00:00.000Z"}, "x_legacyV4Record": {"affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_value": "n/a"}]}, "product_name": "n/a"}]}, "vendor_name": "n/a"}]}}, "data_type": "CVE", "references": {"reference_data": [{"url": "http://www.securityfocus.com/archive/1/264441", "name": "20020326 Re: DebPloit (exploit)", "refsource": "BUGTRAQ"}, {"url": "http://marc.info/?l=ntbugtraq&m=101614320402695&w=2", "name": "20020314 DebPloit (exploit)", "refsource": "NTBUGTRAQ"}, {"url": "http://www.securityfocus.com/bid/4287", "name": "4287", "refsource": "BID"}, {"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-024", "name": "MS02-024", "refsource": "MS"}, {"url": "http://www.securityfocus.com/archive/1/264927", "name": "20020327 Local Security Vulnerability in Windows NT and Windows 2000", "refsource": "BUGTRAQ"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A76", "name": "oval:org.mitre.oval:def:76", "refsource": "OVAL"}, {"url": "http://www.securityfocus.com/archive/1/262074", "name": "20020314 Fwd: DebPloit (exploit)", "refsource": "BUGTRAQ"}, {"url": "http://www.iss.net/security_center/static/8462.php", "name": "win-debug-duplicate-handles(8462)", "refsource": "XF"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A158", "name": "oval:org.mitre.oval:def:158", "refsource": "OVAL"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "eng", "value": "smss.exe debugging subsystem in Windows NT and Windows 2000 does not properly authenticate programs that connect to other programs, which allows local users to gain administrator or SYSTEM privileges by duplicating a handle to a privileged process, as demonstrated by DebPloit."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2002-0367", "STATE": "PUBLIC", "ASSIGNER": "cve@mitre.org"}}}}, "cveMetadata": {"cveId": "CVE-2002-0367", "state": "PUBLISHED", "dateUpdated": "2025-02-07T14:34:05.089Z", "dateReserved": "2002-05-08T00:00:00.000Z", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "datePublished": "2003-04-02T05:00:00.000Z", "assignerShortName": "mitre"}, "dataVersion": "5.1"}

{"cisaActionDue": "2022-03-24", "cisaExploitAdd": "2022-03-03", "cisaRequiredAction": "Apply updates per vendor instructions.", "cisaVulnerabilityName": "Microsoft Windows Privilege Escalation Vulnerability", "configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows_2000:-:*:*:*:*:*:*:*", "matchCriteriaId": "685F1981-EA61-4A00-89F8-A748A88962F8", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "E53CDA8E-50A8-4509-B070-CCA5604FFB21", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:-:*:*:terminal_server:*:*:*", "matchCriteriaId": "E30F6C9C-3371-44FF-AD0B-3CAA0AB6F1B8", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "smss.exe debugging subsystem in Windows NT and Windows 2000 does not properly authenticate programs that connect to other programs, which allows local users to gain administrator or SYSTEM privileges by duplicating a handle to a privileged process, as demonstrated by DebPloit."}], "id": "CVE-2002-0367", "lastModified": "2025-02-07T15:15:09.513", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2002-06-25T04:00:00.000", "references": [{"source": "cve@mitre.org", "tags": ["Mailing List"], "url": "http://marc.info/?l=ntbugtraq&m=101614320402695&w=2"}, {"source": "cve@mitre.org", "tags": ["Broken Link", "Patch", "Vendor Advisory"], "url": "http://www.iss.net/security_center/static/8462.php"}, {"source": "cve@mitre.org", "tags": ["Broken Link", "Exploit", "Patch", "Third Party Advisory", "VDB Entry", "Vendor Advisory"], "url": "http://www.securityfocus.com/archive/1/262074"}, {"source": "cve@mitre.org", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/archive/1/264441"}, {"source": "cve@mitre.org", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/archive/1/264927"}, {"source": "cve@mitre.org", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/4287"}, {"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-024"}, {"source": "cve@mitre.org", "tags": ["Broken Link"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A158"}, {"source": "cve@mitre.org", "tags": ["Broken Link"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A76"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List"], "url": "http://marc.info/?l=ntbugtraq&m=101614320402695&w=2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link", "Patch", "Vendor Advisory"], "url": "http://www.iss.net/security_center/static/8462.php"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link", "Exploit", "Patch", "Third Party Advisory", "VDB Entry", "Vendor Advisory"], "url": "http://www.securityfocus.com/archive/1/262074"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/archive/1/264441"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/archive/1/264927"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/4287"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-024"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A158"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A76"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-269"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}