Vulnerability Description
Windows File Protection (WFP) in Windows 2000 and XP does not remove old security catalog .CAT files, which could allow local users to replace new files with vulnerable old files that have valid hash codes.
CVSS Score
LOW
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Microsoft | Windows 2000 | All versions |
| Microsoft | Windows Xp | All versions |
References
- http://archives.neohapsis.com/archives/bugtraq/2002-12/0250.htmlBroken Link
- http://www.iss.net/security_center/static/10957.phpBroken Link
- http://www.securityfocus.com/bid/6483Third Party AdvisoryVDB Entry
- http://archives.neohapsis.com/archives/bugtraq/2002-12/0250.htmlBroken Link
- http://www.iss.net/security_center/static/10957.phpBroken Link
- http://www.securityfocus.com/bid/6483Third Party AdvisoryVDB Entry
FAQ
What is CVE-2002-2132?
CVE-2002-2132 is a vulnerability with a CVSS score of 2.1 (LOW). Windows File Protection (WFP) in Windows 2000 and XP does not remove old security catalog .CAT files, which could allow local users to replace new files with vulnerable old files that have valid hash ...
How severe is CVE-2002-2132?
CVE-2002-2132 has been rated LOW with a CVSS base score of 2.1/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2002-2132?
Check the references section above for vendor advisories and patch information. Affected products include: Microsoft Windows 2000, Microsoft Windows Xp.