CVE-2002-2401 | SynScan

Vulnerability Database

289,599

Total vulnerabilities in the database

CVE-2002-2401

NT Virtual DOS Machine (NTVDM.EXE) in Windows 2000, NT and XP does not verify user execution permissions for 16-bit executable files, which allows local users to bypass the loader and execute arbitrary programs.

Published: Dec 31, 2002
Updated: Apr 13, 2023
CVE: CVE-2002-2401
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 3.6
AV:L/AC:L/Au:N/C:P/I:P/A:N

CWEs:

CWE-264

Affected Software
References

Software	From	Fixed in
microsoft / windows_nt	4.0	4.0.x
microsoft / windows_nt	4.0-sp5	4.0-sp5.x
microsoft / windows_nt	4.0-sp4	4.0-sp4.x
microsoft / windows_xp	-	-
microsoft / windows_nt	4.0-sp6a	4.0-sp6a.x
microsoft / windows_2000	-	-
microsoft / windows_nt	4.0-sp1	4.0-sp1.x
microsoft / windows_nt	4.0-sp3	4.0-sp3.x
microsoft / windows_nt	4.0-sp6	4.0-sp6.x
microsoft / windows_nt	4.0-sp2	4.0-sp2.x