CVE-2000-1164
First published: Tue Jan 09 2001(Updated: )
WinVNC installs the WinVNC3 registry key with permissions that give Special Access (read and modify) to the Everybody group, which allows users to read and modify sensitive information such as passwords and gain access to the system.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| AT&T WinVNC | =3.3.3 | |
| AT&T WinVNC | =3.3.3r7 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2000-1164?
The severity of CVE-2000-1164 is classified as high due to its potential to expose sensitive information.
How do I fix CVE-2000-1164?
To fix CVE-2000-1164, change the permissions of the WinVNC3 registry key to restrict access from the Everybody group.
What systems are affected by CVE-2000-1164?
CVE-2000-1164 affects AT&T WinVNC versions 3.3.3 and 3.3.3r7.
What type of information could be accessed due to CVE-2000-1164?
Due to CVE-2000-1164, sensitive information such as user passwords could be accessed and modified.
Who can exploit CVE-2000-1164?
Any user with local access to the system can exploit CVE-2000-1164 to read or modify sensitive registry information.
- agent/type
- agent/remedy
- agent/last-modified-date
- agent/first-publish-date
- agent/weakness
- agent/severity
- agent/references
- agent/author
- agent/softwarecombine
- agent/tags
- agent/description
- agent/event
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/nvd-historical
- vendor/att
- canonical/at&t winvnc
- version/at&t winvnc/3.3.3
- version/at&t winvnc/3.3.3r7