Vulnerability Description
The Microsoft CONVERT.EXE program, when used on Windows 2000 and Windows XP systems, does not apply the default NTFS permissions when converting a FAT32 file system, which could cause the conversion to produce a file system with less secure permissions than expected.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Microsoft | Windows 2000 | All versions |
| Microsoft | Windows Xp | All versions |
References
- http://support.microsoft.com/default.aspx?scid=kb%3B%5BLN%5D%3B237399
- http://www.kb.cert.org/vuls/id/361065PatchThird Party AdvisoryUS Government Resource
- http://support.microsoft.com/default.aspx?scid=kb%3B%5BLN%5D%3B237399
- http://www.kb.cert.org/vuls/id/361065PatchThird Party AdvisoryUS Government Resource
FAQ
What is CVE-2002-0034?
CVE-2002-0034 is a vulnerability with a CVSS score of 4.6 (MEDIUM). The Microsoft CONVERT.EXE program, when used on Windows 2000 and Windows XP systems, does not apply the default NTFS permissions when converting a FAT32 file system, which could cause the conversion t...
How severe is CVE-2002-0034?
CVE-2002-0034 has been rated MEDIUM with a CVSS base score of 4.6/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2002-0034?
Check the references section above for vendor advisories and patch information. Affected products include: Microsoft Windows 2000, Microsoft Windows Xp.