CVE-2002-2283 : Microsoft Windows XP with Fast User Switching (FUS) enabled does not remove the "show processes from all users" privileg

Microsoft Windows XP with Fast User Switching (FUS) enabled does not remove the "show processes from all users" privilege when the user is removed from the administrator group, which allows that user to view processes of other users.

Published 2002-12-31 05:00:00

Updated 2017-08-17 01:29:01

Source MITRE

View at NVD, CVE.org

Exploit prediction scoring system (EPSS) score for CVE-2002-2283

Probability of exploitation activity in the next 30 days: 0.08%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 34 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2002-2283

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
1.9	LOW	AV:L/AC:M/Au:N/C:P/I:N/A:N	3.4	2.9	NIST
Access Vector: Local Access Complexity: Medium Authentication: None Confidentiality Impact: Partial Integrity Impact: None Availability Impact: None

CWE ids for CVE-2002-2283

CWE-264

Assigned by: nvd@nist.gov (Primary)

References for CVE-2002-2283

Products affected by CVE-2002-2283

Microsoft » Windows Xp » PRO Edition
cpe:2.3:o:microsoft:windows_xp:*:*:pro:*:*:*:*:*
Matching versions
Microsoft » Windows Xp » Update SP1 Home Edition
cpe:2.3:o:microsoft:windows_xp:*:sp1:home:*:*:*:*:*
Matching versions
Microsoft » Windows Xp » Home Edition
cpe:2.3:o:microsoft:windows_xp:*:*:home:*:*:*:*:*
Matching versions
Microsoft » Windows Xp » Update SP1 PRO Edition
cpe:2.3:o:microsoft:windows_xp:*:sp1:pro:*:*:*:*:*
Matching versions

Vulnerability Details : CVE-2002-2283

Exploit prediction scoring system (EPSS) score for CVE-2002-2283

CVSS scores for CVE-2002-2283

CWE ids for CVE-2002-2283

References for CVE-2002-2283

Products affected by CVE-2002-2283