Vulnerability Name: | CVE-2002-0974 (CCN-9878) | ||||||||
Assigned: | 2002-08-14 | ||||||||
Published: | 2002-08-14 | ||||||||
Updated: | 2018-10-12 | ||||||||
Summary: | Help and Support Center for Windows XP allows remote attackers to delete arbitrary files via a link to the hcp: protocol that accesses uplddrvinfo.htm. | ||||||||
CVSS v3 Severity: | 5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)
| ||||||||
CVSS v2 Severity: | 5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N)
| ||||||||
Vulnerability Type: | CWE-Other | ||||||||
Vulnerability Consequences: | File Manipulation | ||||||||
References: | Source: CCN Type: BugTraq Mailing List, Wed Aug 14 2002 - 19:13:04 CDT Delete arbitrary files using Help and Support Center [MSRC 1198dg] Source: MITRE Type: CNA CVE-2002-0974 Source: BUGTRAQ Type: UNKNOWN 20020815 Delete arbitrary files using Help and Support Center [MSRC 1198dg] Source: MSKB Type: UNKNOWN Q328940 Source: CCN Type: Microsoft Corporation Web site Microsoft Windows Update Source: XF Type: Vendor Advisory winxp-helpctr-delete-files(9878) Source: CCN Type: Microsoft Security Bulletin MS02-060 Flaw in Windows XP Help and Support Center Could Enable File Deletion (Q328940) Source: OSVDB Type: UNKNOWN 3001 Source: CCN Type: OSVDB ID: 3001 Microsoft IE XP HCP URI Handler File Deletion Source: BID Type: UNKNOWN 5478 Source: CCN Type: BID-5478 Microsoft Windows XP HCP URI Handler Abuse Vulnerability Source: CCN Type: BID-548 Microsoft JET VBA Shell Vulnerability Source: MS Type: UNKNOWN MS02-060 Source: XF Type: UNKNOWN winxp-helpctr-delete-files(9878) | ||||||||
Vulnerable Configuration: | Configuration 1: Configuration CCN 1: Denotes that component is vulnerable | ||||||||
BACK |