First published: Tue Feb 03 2004(Updated: )
The Microsoft CONVERT.EXE program, when used on Windows 2000 and Windows XP systems, does not apply the default NTFS permissions when converting a FAT32 file system, which could cause the conversion to produce a file system with less secure permissions than expected.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Microsoft Windows XP | =gold | |
Microsoft Windows 2000 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2002-0034 is considered a medium severity vulnerability due to potential exposure of sensitive files with insufficient security permissions.
To fix CVE-2002-0034, ensure that after converting a FAT32 file system, you manually set the appropriate NTFS permissions on the files and directories.
CVE-2002-0034 affects Microsoft Windows 2000 and Windows XP systems.
If CVE-2002-0034 is exploited, it could result in files having less secure permissions, leading to unauthorized access to sensitive data.
There is no specific patch for CVE-2002-0034; however, following best practices for file permissions can mitigate the risk.