CVE-2001-1238

7.8HIGH

Key Information:

Vendor
Microsoft
Status
Windows 2000 Terminal Services
Windows 2000
Vendor
CVE Published:
16 July 2001

Summary

Task Manager in Windows 2000 does not allow local users to end processes with uppercase letters named (1) winlogon.exe, (2) csrss.exe, (3) smss.exe and (4) services.exe via the Process tab which could allow local users to install Trojan horses that cannot be stopped with the Task Manager.

References

http://www.securityfocus.com/archive/1/197195
mailing-listx_refsource_BUGTRAQ
http://www.securityfocus.com/bid/3033
vdb-entryx_refsource_BID
https://exchange.xforce.ibmcloud.com/vulnerabilities/6919
vdb-entryx_refsource_XF

CVSS V3.1

Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability Reserved

  • Vulnerability published

Collectors

NVD DatabaseMitre Database
.