Vulnerability Name:

CCN-6874

Published:2001-07-18
Updated:2001-07-18
Summary:Microsoft Windows could allow a local attacker to execute a malicious file on the system, caused by a vulnerability in the way file paths are interpreted in the Windows Registry. If the file path is not enclosed in quotations, the file path recognized by the operating system results in the path up until the first encountered space as the full path. A local attacker can create a malicious executable with the same file path and name as the incorrect recognized registry path, to cause the malicious file to be executed on the system once the system boots.
CVSS v3 Severity:5.9 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
Exploitability Metrics:Attack Vector (AV): Local
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): Low
Integrity (I): Low
Availibility (A): Low
CVSS v2 Severity:4.6 Medium (CCN CVSS v2 Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P)
Exploitability Metrics:Access Vector (AV): Local
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
Vulnerability Consequences:Gain Access
References:Source: CCN
Type: BugTraq Mailing List, Wed Jul 18 2001 - 00:08:29 CDT
long filename issue in Win9x

Source: CCN
Type: BugTraq Mailing List, Wed Jul 18 2001 - 11:08:44 CDT
RE: long filename issue in Win9x

Source: CCN
Type: BID-3061
Microsoft Windows 9x Quotation Exclusion File Execution Vulnerability

Source: XF
Type: UNKNOWN
win-invalid-path-file-execution(6874)

Vulnerable Configuration:Configuration CCN 1:
  • cpe:/o:microsoft:windows_95:*:*:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_98:*:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    BACK
    microsoft windows 95 *
    microsoft windows 98 *