CVE-2002-2324 : The "System Restore" directory and subdirectories, and possibly other subdirecto

The "System Restore" directory and subdirectories, and possibly other subdirectories in the "System Volume Information" directory on Windows XP Professional, have insecure access control list (ACL) permissions, which allows local users to access restricted files and modify registry settings.

Published 2002-12-31 05:00:00

Updated 2025-04-03 01:03:51

Source MITRE

View at NVD, CVE.org

Products affected by CVE-2002-2324

Microsoft » Windows Xp
cpe:2.3:o:microsoft:windows_xp:*:*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2002-2324

EPSS FAQ

1.84%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 81 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2002-2324

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
7.2	HIGH	AV:L/AC:L/Au:N/C:C/I:C/A:C	3.9	10.0	NIST
Access Vector: Local Access Complexity: Low Authentication: None Confidentiality Impact: Complete Integrity Impact: Complete Availability Impact: Complete

CWE ids for CVE-2002-2324

CWE-264

Assigned by: nvd@nist.gov (Primary)

References for CVE-2002-2324

Jump to

Vulnerability Details : CVE-2002-2324

Products affected by CVE-2002-2324

Exploit prediction scoring system (EPSS) score for CVE-2002-2324

CVSS scores for CVE-2002-2324

CWE ids for CVE-2002-2324

References for CVE-2002-2324