Executive Summary
Informations | |||
---|---|---|---|
Name | CVE-2000-0502 | First vendor Publication | 2000-06-08 |
Vendor | Cve | Last vendor Modification | 2024-11-20 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:L/AC:L/Au:N/C:N/I:P/A:N) | |||
---|---|---|---|
Cvss Base Score | 2.1 | Attack Range | Local |
Cvss Impact Score | 2.9 | Attack Complexity | Low |
Cvss Expoit Score | 3.9 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Mcafee VirusScan 4.03 does not properly restrict access to the alert text file before it is sent to the Central Alert Server, which allows local users to modify alerts in an arbitrary fashion. |
Original Source
Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0502 |
CPE : Common Platform Enumeration
Type | Description | Count |
---|---|---|
Application | 1 |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
6287 | McAfee VirusScan Unauthorized User Alert File Modification McAfee VirusScan contains a flaw that may allow a malicious user to send an unlimited amount of alerts to the Central Alert server. The issue is triggered due to insecure permissions of the alert text file, which contains informations such as username, computer name and informations about detected viruses. It is possible that the flaw may allow an malicious user to arbitrary modify these informations resulting in a loss of integrity. |
Sources (Detail)
Source | Url |
---|
Alert History
Date | Informations |
---|---|
2024-11-28 23:24:45 |
|
2024-11-28 12:04:09 |
|
2021-05-04 12:01:09 |
|
2021-04-22 01:01:22 |
|
2020-05-23 00:14:24 |
|
2017-10-10 09:23:15 |
|
2016-06-28 14:52:57 |
|
2013-05-11 12:00:25 |
|