Flaw In Certificate Enrollment Control (Q323172) Network Vulnerability

Summary

A vulnerability in the Certificate Enrollment ActiveX Control in Microsoft Windows 98, Windows 98 Second Edition, Windows Millennium, Windows NT 4.0, Windows 2000, and Windows XP allows remote attackers to delete digital certificates on a user's system via HTML. Impact of vulnerability: Denial of service Maximum Severity Rating: Critical Recommendation: Customers should install the patch immediately Affected Software: Microsoft Windows 98 Microsoft Windows 98 Second Edition Microsoft Windows Millennium Microsoft Windows NT 4.0 Microsoft Windows 2000 Microsoft Windows XP See http://www.microsoft.com/technet/security/bulletin/ms02-048.mspx

Severity

Classification

CVE CVE-2002-0699

CVSS	Base Score: 5.0 AV:N/AC:L/Au:N/C:N/I:P/A:N

Related Vulnerabilities

Microsoft .NET Framework Denial of Service Vulnerability (2990931)
Microsoft Windows SAMR Protocol Security Bypass Vulnerability (2934418)
Microsoft Group Policy Preferences Privilege Elevation Vulnerability (2962486)
Microsoft SQL Server Report Manager Cross Site Scripting Vulnerability (2754849)
Microsoft Windows Kernel Denial of Service Vulnerability (2556532)

Flaw in Certificate Enrollment Control (Q323172)

Take action and discover your vulnerabilities