Vulnerability CVE-2002-1869


Published: 2002-12-31   Modified: 2012-02-12

Description:
Heysoft EventSave 5.1 and 5.2 and Heysoft EventSave+ 5.1 and 5.2 does not check whether the log file can be written to, which allows attackers to prevent events from being recorded by opening the log file using an application such as Microsoft's Event Viewer.

CVSS2 => (AV:L/AC:L/Au:N/C:N/I:P/A:N)

CVSS Base Score
Impact Subscore
Exploitability Subscore
2.1/10
2.9/10
3.9/10
Exploit range
Attack complexity
Authentication
Local
Low
No required
Confidentiality impact
Integrity impact
Availability impact
None
Partial
None
Affected software
Heysoft -> Eventsave 
Heysoft -> Eventsave+ 

 References:
http://www.securityfocus.com/bid/6095
http://www.iss.net/security_center/static/10535.php
http://www.heysoft.de/nt/eventlog/hsb01e.htm
http://securitytracker.com/id?1005517

Copyright 2024, cxsecurity.com

 

Back to Top