CVE-2001-1238
Last modified
CVE-2001-1238 is a high-severity vulnerability rated 7.8/10 on the CVSS scale. Task Manager in Windows 2000 does not allow local users to end processes with uppercase letters named (1) winlogon.exe, (2) csrss.exe, (3) smss.exe and (4) services.exe via the Process tab which could allow local users to install Trojan horses that cannot be stopped with the Task Manager.. EPSS estimates a 1.33% chance of exploitation in the next 30 days.
Description
Task Manager in Windows 2000 does not allow local users to end processes with uppercase letters named (1) winlogon.exe, (2) csrss.exe, (3) smss.exe and (4) services.exe via the Process tab which could allow local users to install Trojan horses that cannot be stopped with the Task Manager.
Metrics
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Microsoft | Windows 2000 | All versions |
References
- http://www.securityfocus.com/archive/1/197195Broken Link, Third Party Advisory, VDB Entry, Vendor Advisory
- http://www.securityfocus.com/bid/3033Broken Link, Patch, Third Party Advisory, VDB Entry, Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/6919Third Party Advisory, VDB Entry
- http://www.securityfocus.com/archive/1/197195Broken Link, Third Party Advisory, VDB Entry, Vendor Advisory
- http://www.securityfocus.com/bid/3033Broken Link, Patch, Third Party Advisory, VDB Entry, Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/6919Third Party Advisory, VDB Entry
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2001-1238?
How severe is CVE-2001-1238?
How do I fix CVE-2001-1238?
Are you affected by CVE-2001-1238?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST