Vulnerability Details : CVE-2000-0650
The default installation of VirusScan 4.5 and NetShield 4.5 has insecure permissions for the registry key that identifies the AutoUpgrade directory, which allows local users to execute arbitrary commands by replacing SETUP.EXE in that directory with a Trojan Horse.
Exploit prediction scoring system (EPSS) score for CVE-2000-0650
Probability of exploitation activity in the next 30 days: 0.04%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 6 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2000-0650
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
2.1
|
LOW | AV:L/AC:L/Au:N/C:N/I:P/A:N |
3.9
|
2.9
|
NIST |
References for CVE-2000-0650
-
http://www.ntbugtraq.com/default.asp?pid=36&sid=1&A2=ind0007&L=ntbugtraq&F=&S=&P=2753
Patch;Vendor Advisory
-
http://www.securityfocus.com/bid/1458
Patch;Vendor Advisory
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/5177
Products affected by CVE-2000-0650
- cpe:2.3:a:network_associates:virusscan:4.5:*:windows_nt:*:*:*:*:*
- cpe:2.3:a:network_associates:netshield:4.5:*:*:*:*:*:*:*