Sign-up

ID

VAR-200303-0032


CVE

CVE-2002-1540


TITLE

Applications that use the Windows Help function may be vulnerable to privilege escalation

Trust: 0.8

sources: JVNDB: JVNDB-2011-000026

DESCRIPTION

The client for Symantec Norton AntiVirus Corporate Edition 7.5.x before 7.5.1 Build 62 and 7.6.x before 7.6.1 Build 35a runs winhlp32 with raised privileges, which allows local users to gain privileges by using certain features of winhlp32. Applications or Services that call the Windows Help function in an insecure manner may allow a user unauthorized access to resrouces on the system. Applications or Services that call the Windows Help function in an insecure manner may allow a user unauthorized access to resrouces on the system. This issue may occur in applications or services where the Help function is not called in a secure manner. An example of this is when Anti-virus software or a personal firewall is running on the local system with the privileges of an administrator on the local system, and has an interface to "communicate" with the user. ISIHARA Takanori reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.A user may gain unauthorized access to resources on the system

Trust: 1.71

sources: NVD: CVE-2002-1540 // JVNDB: JVNDB-2011-000026 // VULHUB: VHN-5925

AFFECTED PRODUCTS

vendor:symantecmodel:norton antivirusscope:eqversion:corporate_7.6

Trust: 1.6

vendor:symantecmodel:norton antivirusscope:eqversion:corporate_7.5

Trust: 1.6

vendor:symantecmodel:norton antivirusscope:eqversion:corporate_7.51

Trust: 1.6

vendor:symantecmodel:norton antivirusscope:eqversion:corporate edition prior to 7.5.1 build 62

Trust: 0.8

vendor:symantecmodel:norton antivirusscope:eqversion:corporate edition prior to 7.6.1 build 35a

Trust: 0.8

vendor:symantecmodel:antivirusscope:eqversion:corporate edition 9.0.1 upgrade to mr3 or later

Trust: 0.8

vendor:symantecmodel:antivirusscope:eqversion:corporate edition 9.0.2 upgrade to mr3 or later

Trust: 0.8

vendor:symantecmodel:antivirusscope:eqversion:edition 9.0 upgrade to mr3 or later

Trust: 0.8

vendor:symantecmodel:client securityscope:eqversion:2.0 upgrade to mr3 or later

Trust: 0.8

vendor:symantecmodel:client securityscope:eqversion:2.0.1 upgrade to mr3 or later

Trust: 0.8

vendor:symantecmodel:client securityscope:eqversion:2.0.2 upgrade to mr3 or later

Trust: 0.8

sources: JVNDB: JVNDB-2011-000026 // CNNVD: CNNVD-200303-085 // NVD: CVE-2002-1540

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2002-1540
value: HIGH

Trust: 1.0

IPA: JVNDB-2011-000026
value: HIGH

Trust: 0.8

CNNVD: CNNVD-200303-085
value: HIGH

Trust: 0.6

VULHUB: VHN-5925
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2002-1540
severity: HIGH
baseScore: 7.2
vectorString: AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.9
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

IPA: JVNDB-2011-000026
severity: HIGH
baseScore: 7.2
vectorString: AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

VULHUB: VHN-5925
severity: HIGH
baseScore: 7.2
vectorString: AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.9
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-5925 // JVNDB: JVNDB-2011-000026 // CNNVD: CNNVD-200303-085 // NVD: CVE-2002-1540

PROBLEMTYPE DATA

problemtype:NVD-CWE-Other

Trust: 1.0

problemtype:CWE-264

Trust: 0.8

sources: JVNDB: JVNDB-2011-000026 // NVD: CVE-2002-1540

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-200303-085

TYPE

unknown

Trust: 0.6

sources: CNNVD: CNNVD-200303-085

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2011-000026

PATCH
title:Security, services and the interactive desktop in Windowsurl:http://support.microsoft.com/kb/327618/en-us
Trust: 0.8
title:SYM05-012 url:http://www.symantec.com/avcenter/security/Content/2005.08.24.html
Trust: 0.8
title:October 15, 2002 Symantec Norton AntiVirus Corporate Edition 7.x Help File Elevation of Privilegeurl:http://www.symantec.com/avcenter/security/Content/2002.10.15.html
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2011-000026

EXTERNAL IDS
db:NVDid:CVE-2002-1540
Trust: 2.5
db:OSVDBid:6258
Trust: 1.7
db:JVNid:JVN63898867
Trust: 0.8
db:JVNDBid:JVNDB-2011-000026
Trust: 0.8
db:BUGTRAQid:20021025 RE: DH TEAM: NORTON ANTIVIRUS CORPORATE EDITION PRIVILEGE ESCALATION, HTTP://ONLINE.SECURITYFOCUS.COM/ARCHIVE/1/296979/2002-10-22/2002-10-28/0
Trust: 0.6
db:BUGTRAQid:20021024 DH TEAM: NORTON ANTIVIRUS CORPORATE EDITION PRIVILEGE ESCALATION
Trust: 0.6
db:XFid:32
Trust: 0.6
db:CNNVDid:CNNVD-200303-085
Trust: 0.6
db:VULHUBid:VHN-5925
Trust: 0.1
sources:
            
            
            VULHUB: VHN-5925 // 
            
            
            
            JVNDB: JVNDB-2011-000026 // 
            
            
            
            CNNVD: CNNVD-200303-085 // 
            
            
            
            NVD: CVE-2002-1540

REFERENCES
url:http://archives.neohapsis.com/archives/bugtraq/2002-10/0346.html
Trust: 1.7
url:http://archives.neohapsis.com/archives/bugtraq/2002-10/0369.html
Trust: 1.7
url:http://www.osvdb.org/6258
Trust: 1.7
url:http://www.iss.net/security_center/static/10475.php
Trust: 1.7
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2002-1540
Trust: 0.8
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2005-2017
Trust: 0.8
url:http://jvn.jp/en/jp/jvn63898867
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2002-1540
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2005-2017
Trust: 0.8
sources:
            
            
            VULHUB: VHN-5925 // 
            
            
            
            JVNDB: JVNDB-2011-000026 // 
            
            
            
            CNNVD: CNNVD-200303-085 // 
            
            
            
            NVD: CVE-2002-1540

SOURCES
db:VULHUBid:VHN-5925
db:JVNDBid:JVNDB-2011-000026
db:CNNVDid:CNNVD-200303-085
db:NVDid:CVE-2002-1540

LAST UPDATE DATE
2024-08-14T12:17:28.822000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-5925date:2008-09-10T00:00:00
db:JVNDBid:JVNDB-2011-000026date:2011-05-13T00:00:00
db:CNNVDid:CNNVD-200303-085date:2006-04-20T00:00:00
db:NVDid:CVE-2002-1540date:2008-09-10T19:14:51.070

SOURCES RELEASE DATE
db:VULHUBid:VHN-5925date:2003-03-31T00:00:00
db:JVNDBid:JVNDB-2011-000026date:2011-05-13T00:00:00
db:CNNVDid:CNNVD-200303-085date:2003-03-31T00:00:00
db:NVDid:CVE-2002-1540date:2003-03-31T05:00:00