PT-2000-1597 · Microsoft · Explorer.Exe+3

Published

2000-07-25

Updated

2018-10-12

CVE-2000-0663

CVSS v2.0

4.6

Medium

Vector

AV:L/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Windows NT and Windows 2000

Description The issue arises from the registry entry for the Windows Shell executable (Explorer.exe) using a relative path name. This allows local users to execute arbitrary commands by inserting a Trojan Horse named Explorer.exe into the %Systemdrive% directory.

Recommendations For Windows NT and Windows 2000, consider using an absolute path name for the Windows Shell executable registry entry to prevent exploitation. As a temporary workaround, restrict access to the %Systemdrive% directory to minimize the risk of a Trojan Horse being inserted. Avoid executing commands from untrusted sources until the issue is resolved.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2000-0663

Affected Products

Explorer.Exe

Windows 2000

Windows Nt

Windows Shell

PT-2000-1597 · Microsoft · Explorer.Exe+3

CVE-2000-0663

Related Identifiers

Affected Products

References · 5