Vulnerability Details CVE-2002-0049
Microsoft Exchange Server 2000 System Attendant gives "Everyone" group privileges to the WinReg key, which could allow remote attackers to read or modify registry keys.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.113
EPSS Ranking 93.3%
CVSS Severity
CVSS v2 Score 6.4
References
- http://www.osvdb.org/2042
- http://www.securityfocus.com/bid/4053
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-003
- https://exchange.xforce.ibmcloud.com/vulnerabilities/8092
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1022
- http://www.osvdb.org/2042
- http://www.securityfocus.com/bid/4053
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-003
- https://exchange.xforce.ibmcloud.com/vulnerabilities/8092
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1022
Products affected by CVE-2002-0049
-
cpe:2.3:a:microsoft:exchange_server:2000