Vulnerabilities > CVE-2001-1238 - Improper Handling of Case Sensitivity vulnerability in Microsoft Windows 2000

CVSS 7.8 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

local

low complexity

microsoft

CWE-178

NVD

Published: 2001-07-16

Updated: 2024-02-02

Summary

Task Manager in Windows 2000 does not allow local users to end processes with uppercase letters named (1) winlogon.exe, (2) csrss.exe, (3) smss.exe and (4) services.exe via the Process tab which could allow local users to install Trojan horses that cannot be stopped with the Task Manager.

Vulnerable Configurations

Part	Description	Count
OS	Microsoft Microsoft Windows 2000 *	1

Common Weakness Enumeration (CWE)

CWE-178 - Improper Handling of Case Sensitivity

References

http://www.securityfocus.com/bid/3033
http://www.securityfocus.com/archive/1/197195
https://exchange.xforce.ibmcloud.com/vulnerabilities/6919