CVE-2002-1184 : The system root folder of Microsoft Windows 2000 has default permissions of Ever

The system root folder of Microsoft Windows 2000 has default permissions of Everyone group with Full access (Everyone:F) and is in the search path when locating programs during login or application launch from the desktop, which could allow attackers to gain privileges as other users via Trojan horse programs.

Published 2002-11-12 05:00:00

Updated 2025-04-03 01:03:51

Source MITRE

View at NVD, CVE.org

Products affected by CVE-2002-1184

Microsoft » Windows Nt » Version: 4.0 Server Edition
cpe:2.3:o:microsoft:windows_nt:4.0:*:server:*:*:*:*:*
Matching versions
Microsoft » Windows Nt » Version: 4.0 Workstation Edition
cpe:2.3:o:microsoft:windows_nt:4.0:*:workstation:*:*:*:*:*
Matching versions
Microsoft » Windows Nt » Version: 4.0 Update SP2 Server Edition
cpe:2.3:o:microsoft:windows_nt:4.0:sp2:server:*:*:*:*:*
Matching versions
Microsoft » Windows Nt » Version: 4.0 Update SP2 Enterprise Server Edition
cpe:2.3:o:microsoft:windows_nt:4.0:sp2:enterprise_server:*:*:*:*:*
Matching versions
Microsoft » Windows Nt » Version: 4.0 Update SP3 Workstation Edition
cpe:2.3:o:microsoft:windows_nt:4.0:sp3:workstation:*:*:*:*:*
Matching versions
Microsoft » Windows Nt » Version: 4.0 Update SP4 Server Edition
cpe:2.3:o:microsoft:windows_nt:4.0:sp4:server:*:*:*:*:*
Matching versions
Microsoft » Windows Nt » Version: 4.0 Update SP6 Enterprise Server Edition
cpe:2.3:o:microsoft:windows_nt:4.0:sp6:enterprise_server:*:*:*:*:*
Matching versions
Microsoft » Windows Nt » Version: 4.0 Update SP2 Workstation Edition
cpe:2.3:o:microsoft:windows_nt:4.0:sp2:workstation:*:*:*:*:*
Matching versions
Microsoft » Windows Nt » Version: 4.0 Update SP3 Enterprise Server Edition
cpe:2.3:o:microsoft:windows_nt:4.0:sp3:enterprise_server:*:*:*:*:*
Matching versions
Microsoft » Windows Nt » Version: 4.0 Update SP3 Server Edition
cpe:2.3:o:microsoft:windows_nt:4.0:sp3:server:*:*:*:*:*
Matching versions
Microsoft » Windows Nt » Version: 4.0 Update SP6 Workstation Edition
cpe:2.3:o:microsoft:windows_nt:4.0:sp6:workstation:*:*:*:*:*
Matching versions
Microsoft » Windows Nt » Version: 4.0 Update Sp6a Enterprise Server Edition
cpe:2.3:o:microsoft:windows_nt:4.0:sp6a:enterprise_server:*:*:*:*:*
Matching versions
Microsoft » Windows Nt » Version: 4.0 Update Sp6a Server Edition
cpe:2.3:o:microsoft:windows_nt:4.0:sp6a:server:*:*:*:*:*
Matching versions
Microsoft » Windows Nt » Version: 4.0 Update Sp6a Workstation Edition
cpe:2.3:o:microsoft:windows_nt:4.0:sp6a:workstation:*:*:*:*:*
Matching versions
Microsoft » Windows Nt » Version: 4.0 Update SP1 Enterprise Server Edition
cpe:2.3:o:microsoft:windows_nt:4.0:sp1:enterprise_server:*:*:*:*:*
Matching versions
Microsoft » Windows Nt » Version: 4.0 Update SP1 Server Edition
cpe:2.3:o:microsoft:windows_nt:4.0:sp1:server:*:*:*:*:*
Matching versions
Microsoft » Windows Nt » Version: 4.0 Update SP4 Workstation Edition
cpe:2.3:o:microsoft:windows_nt:4.0:sp4:workstation:*:*:*:*:*
Matching versions
Microsoft » Windows Nt » Version: 4.0 Update SP5 Enterprise Server Edition
cpe:2.3:o:microsoft:windows_nt:4.0:sp5:enterprise_server:*:*:*:*:*
Matching versions
Microsoft » Windows Nt » Version: 4.0 Update SP5 Server Edition
cpe:2.3:o:microsoft:windows_nt:4.0:sp5:server:*:*:*:*:*
Matching versions
Microsoft » Windows Nt » Version: 4.0 Enterprise Server Edition
cpe:2.3:o:microsoft:windows_nt:4.0:*:enterprise_server:*:*:*:*:*
Matching versions
Microsoft » Windows Nt » Version: 4.0 Update SP1 Workstation Edition
cpe:2.3:o:microsoft:windows_nt:4.0:sp1:workstation:*:*:*:*:*
Matching versions
Microsoft » Windows Nt » Version: 4.0 Update SP4 Enterprise Server Edition
cpe:2.3:o:microsoft:windows_nt:4.0:sp4:enterprise_server:*:*:*:*:*
Matching versions
Microsoft » Windows Nt » Version: 4.0 Update SP5 Workstation Edition
cpe:2.3:o:microsoft:windows_nt:4.0:sp5:workstation:*:*:*:*:*
Matching versions
Microsoft » Windows Nt » Version: 4.0 Update SP6 Server Edition
cpe:2.3:o:microsoft:windows_nt:4.0:sp6:server:*:*:*:*:*
Matching versions
Microsoft » Windows 2000 » Update SP2
cpe:2.3:o:microsoft:windows_2000:*:sp2:*:*:*:*:*:*
Matching versions
Microsoft » Windows 2000
cpe:2.3:o:microsoft:windows_2000:*:*:*:*:*:*:*:*
Matching versions
Microsoft » Windows 2000 » Update SP3
cpe:2.3:o:microsoft:windows_2000:*:sp3:*:*:*:*:*:*
Matching versions
Microsoft » Windows 2000 » Update SP1
cpe:2.3:o:microsoft:windows_2000:*:sp1:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2002-1184

EPSS FAQ

0.40%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 58 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2002-1184

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
4.6	MEDIUM	AV:L/AC:L/Au:N/C:P/I:P/A:P	3.9	6.4	NIST
Access Vector: Local Access Complexity: Low Authentication: None Confidentiality Impact: Partial Integrity Impact: Partial Availability Impact: Partial

References for CVE-2002-1184

Jump to

Vulnerability Details : CVE-2002-1184

Products affected by CVE-2002-1184

Exploit prediction scoring system (EPSS) score for CVE-2002-1184

CVSS scores for CVE-2002-1184

References for CVE-2002-1184