Executive Summary
| Informations | |||
|---|---|---|---|
| Name | CVE-2000-0502 | First vendor Publication | 2000-06-08 |
| Vendor | Cve | Last vendor Modification | 2024-11-20 |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:L/AC:L/Au:N/C:N/I:P/A:N) | |||
|---|---|---|---|
| Cvss Base Score | 2.1 | Attack Range | Local |
| Cvss Impact Score | 2.9 | Attack Complexity | Low |
| Cvss Expoit Score | 3.9 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| Mcafee VirusScan 4.03 does not properly restrict access to the alert text file before it is sent to the Central Alert Server, which allows local users to modify alerts in an arbitrary fashion. |
Original Source
| Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0502 |
CPE : Common Platform Enumeration
| Type | Description | Count |
|---|---|---|
| Application | 1 |
Open Source Vulnerability Database (OSVDB)
| Id | Description |
|---|---|
| 6287 | McAfee VirusScan Unauthorized User Alert File Modification McAfee VirusScan contains a flaw that may allow a malicious user to send an unlimited amount of alerts to the Central Alert server. The issue is triggered due to insecure permissions of the alert text file, which contains informations such as username, computer name and informations about detected viruses. It is possible that the flaw may allow an malicious user to arbitrary modify these informations resulting in a loss of integrity. |
Sources (Detail)
| Source | Url |
|---|
Alert History
| Date | Informations |
|---|---|
| 2024-11-28 23:24:45 |
|
| 2024-11-28 12:04:09 |
|
| 2021-05-04 12:01:09 |
|
| 2021-04-22 01:01:22 |
|
| 2020-05-23 00:14:24 |
|
| 2017-10-10 09:23:15 |
|
| 2016-06-28 14:52:57 |
|
| 2013-05-11 12:00:25 |
|
