Vulnerability Description
Microsoft Windows XP and Windows 2000, when configured to send administrative alerts and the "Do not overwrite events (clear log manually)" option is set, does not notify the administrator when the log reaches its maximum size, which allows local users and remote attackers to avoid detection.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Microsoft | Windows 2000 | All versions |
| Microsoft | Windows Xp | All versions |
References
- http://online.securityfocus.com/archive/1/295341
- http://support.microsoft.com/default.aspx?scid=kb%3B%5BLN%5D%3B329350
- http://www.iss.net/security_center/static/10377.phpPatch
- http://www.securityfocus.com/bid/5972Patch
- http://online.securityfocus.com/archive/1/295341
- http://support.microsoft.com/default.aspx?scid=kb%3B%5BLN%5D%3B329350
- http://www.iss.net/security_center/static/10377.phpPatch
- http://www.securityfocus.com/bid/5972Patch
FAQ
What is CVE-2002-1932?
CVE-2002-1932 is a vulnerability with a CVSS score of 7.5 (HIGH). Microsoft Windows XP and Windows 2000, when configured to send administrative alerts and the "Do not overwrite events (clear log manually)" option is set, does not notify the administrator when the lo...
How severe is CVE-2002-1932?
CVE-2002-1932 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2002-1932?
Check the references section above for vendor advisories and patch information. Affected products include: Microsoft Windows 2000, Microsoft Windows Xp.