CVE-2000-0650
First published: Tue Jul 11 2000(Updated: )
The default installation of VirusScan 4.5 and NetShield 4.5 has insecure permissions for the registry key that identifies the AutoUpgrade directory, which allows local users to execute arbitrary commands by replacing SETUP.EXE in that directory with a Trojan Horse.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Network Associates Virusscan | =4.5 | |
| Network Associates Netshield | =4.5 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2000-0650?
CVE-2000-0650 is considered a high severity vulnerability due to the potential for local users to execute arbitrary commands.
How do I fix CVE-2000-0650?
To fix CVE-2000-0650, secure the permissions on the registry key associated with the AutoUpgrade directory to prevent unauthorized access.
Which versions are affected by CVE-2000-0650?
CVE-2000-0650 affects VirusScan 4.5 and NetShield 4.5 for Windows NT.
What is the impact of exploiting CVE-2000-0650?
Exploiting CVE-2000-0650 allows local users to replace SETUP.EXE with a Trojan Horse, potentially compromising system security.
Who is affected by CVE-2000-0650?
All users of the default installation of VirusScan 4.5 and NetShield 4.5 are affected by CVE-2000-0650 if proper security measures are not taken.
- collector/nvd-historical
- collector/nvd-index
- agent/type
- agent/remedy
- agent/softwarecombine
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- agent/references
- agent/weakness
- agent/severity
- agent/last-modified-date
- agent/author
- agent/tags
- agent/description
- agent/event
- agent/source
- vendor/network associates
- canonical/network associates virusscan
- version/network associates virusscan/4.5
- canonical/network associates netshield
- version/network associates netshield/4.5