Vulnerability CVE-2000-0802

Vulnerability Name:

CVE-2000-0802 (CCN-4964)

Assigned:

2000-07-21

Published:

2000-07-21

Updated:

2016-10-18

Summary:

The BAIR program does not properly restrict access to the Internet Explorer Internet options menu, which allows local users to obtain access to the menu by modifying the registry key that starts BAIR.

CVSS v3 Severity:

5.1 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N)

Exploitability Metrics:	Attack Vector (AV): Local Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): Low Integrity (I): Low Availibility (A): None

CVSS v2 Severity:

3.6 Low (CVSS v2 Vector: AV:L/AC:L/Au:N/C:P/I:P/A:N)

Exploitability Metrics:	Access Vector (AV): Local Access Complexity (AC): Low Authentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): None

3.6 Low (CCN CVSS v2 Vector: AV:L/AC:L/Au:N/C:P/I:P/A:N)

Exploitability Metrics:	Access Vector (AV): Local Access Complexity (AC): Low Athentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): None

Vulnerability Type:

CWE-Other

Vulnerability Consequences:

Bypass Security

References:

Source: CCN
Type: BugTraq Mailing List, Sat Jul 22 2000 - 00:26:40 CDT
More bad censorware

Source: MITRE
Type: CNA
CVE-2000-0802

Source: BUGTRAQ
Type: UNKNOWN
20000722 More bad censorware

Source: CCN
Type: OSVDB ID: 13250
BAIR Internet Explorer Option Menu Restriction Failure

Source: XF
Type: UNKNOWN
bair-security-removal(4964)

Vulnerable Configuration:

Configuration 1:

cpe:/a:pgp:personal_privacy:6.5.3:*:*:*:*:*:*:*

Configuration CCN 1:

cpe:/o:microsoft:windows_95:*:*:*:*:*:*:*:*

OR cpe:/o:microsoft:windows_nt:4.0:*:*:*:*:*:*:*

OR cpe:/o:microsoft:windows_98:*:*:*:*:*:*:*:*

OR cpe:/o:microsoft:windows_2000:*:*:*:*:*:*:*:*

Denotes that component is vulnerable

BACK