CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2002-2401

NT Virtual DOS Machine (NTVDM.EXE) in Windows 2000, NT and XP does not verify user execution permissions for 16-bit executable files, which allows local users to bypass the loader and execute arbitrary programs.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 41.0%

CVSS Severity

CVSS v2 Score 3.6

References

http://archives.neohapsis.com/archives/bugtraq/2002-09/0211.html
http://support.microsoft.com/default.aspx?scid=kb%3B%5BLN%5D%3B319458
http://www.abtrusion.com/msexe16.asp
http://www.iss.net/security_center/static/10132.php
http://www.securityfocus.com/bid/5740
http://archives.neohapsis.com/archives/bugtraq/2002-09/0211.html
http://support.microsoft.com/default.aspx?scid=kb%3B%5BLN%5D%3B319458
http://www.abtrusion.com/msexe16.asp
http://www.iss.net/security_center/static/10132.php
http://www.securityfocus.com/bid/5740

Products affected by CVE-2002-2401

Microsoft » Windows 2000 » Version: N/A

cpe:2.3:o:microsoft:windows_2000:-
Microsoft » Windows 2000 » Version: beta3

cpe:2.3:o:microsoft:windows_2000:beta3
Microsoft » Windows Nt » Version: 4.0

cpe:2.3:o:microsoft:windows_nt:4.0
Microsoft » Windows Xp » Version: Any

cpe:2.3:o:microsoft:windows_xp:*
Microsoft » Windows Xp » Version: N/A

cpe:2.3:o:microsoft:windows_xp:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2002-2401

Products

Pricing

Contact Us