CVE-2002-1762

Name of the Vulnerable Software and Affected Versions Microsoft Baseline Security Analyzer (MBSA) version 1.0

Description The issue allows remote attackers to obtain sensitive system information due to the storage of security scans in plaintext at a known location, C:Documents and SettingsusernameSecurityScans. This could be exploited via malicious active content, such as ActiveX controls or Java.

Recommendations For Microsoft Baseline Security Analyzer (MBSA) version 1.0, consider restricting access to the C:Documents and SettingsusernameSecurityScans directory to minimize the risk of exploitation. As a temporary workaround, avoid using active content such as ActiveX controls or Java until a more secure solution is implemented. At the moment, there is no information about a newer version that contains a fix for this vulnerability.