Vulnerability Details : CVE-2002-1869
Heysoft EventSave 5.1 and 5.2 and Heysoft EventSave+ 5.1 and 5.2 does not check whether the log file can be written to, which allows attackers to prevent events from being recorded by opening the log file using an application such as Microsoft's Event Viewer.
Exploit prediction scoring system (EPSS) score for CVE-2002-1869
Probability of exploitation activity in the next 30 days: 0.06%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 22 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2002-1869
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
2.1
|
LOW | AV:L/AC:L/Au:N/C:N/I:P/A:N |
3.9
|
2.9
|
NIST |
3.3
|
LOW | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N |
1.8
|
1.4
|
NIST |
CWE ids for CVE-2002-1869
-
The product does not properly acquire or release a lock on a resource, leading to unexpected resource state changes and behaviors.Assigned by: nvd@nist.gov (Primary)
References for CVE-2002-1869
-
http://www.iss.net/security_center/static/10535.php
Broken Link;Patch
-
http://www.securityfocus.com/bid/6095
Broken Link;Patch;Third Party Advisory;VDB Entry
-
http://www.heysoft.de/nt/eventlog/hsb01e.htm
404 Not FoundBroken Link;Patch
-
http://securitytracker.com/id?1005517
GoDaddy Domain Name SearchBroken Link;Patch;Third Party Advisory;VDB Entry
Products affected by CVE-2002-1869
- cpe:2.3:a:heysoft:eventsave\+:5.2:*:*:*:*:*:*:*
- cpe:2.3:a:heysoft:eventsave\+:5.1:*:*:*:*:*:*:*
- cpe:2.3:a:heysoft:eventsave:5.2:*:*:*:*:*:*:*
- cpe:2.3:a:heysoft:eventsave:5.1:*:*:*:*:*:*:*