Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2000-0663

Overview

Vulnerability Score 4.6 4.6
CVE Id CVE-2000-0663
Last Modified 05 Sep 2008 04:21:34
Published 25 Jul 2000 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2000-0663

Summary

The registry entry for the Windows Shell executable (Explorer.exe) in Windows NT and Windows 2000 uses a relative path name, which allows local users to execute arbitrary commands by inserting a Trojan Horse named Explorer.exe into the %Systemdrive% directory, aka the "Relative Shell Path" vulnerability.

Vulnerable Systems

Operating System

  • Microsoft Windows 2000

  • Microsoft Windows Nt 4.0


References

XF - explorer-relative-path-name

BID - 1507

MS - MS00-052

MSKB - Q269049


Last Updated: 27 May 2016 10:35:49