CyberSec.Space Logo
Back to CVE Browser

CVE-2002-0018

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0540%
EPSS Percentile25.91th
PublishedMar 8, 2002
Last ModifiedApr 16, 2026

Vulnerability Description

In Microsoft Windows NT and Windows 2000, a trusting domain that receives authorization information from a trusted domain does not verify that the trusted domain is authoritative for all listed SIDs, which allows remote attackers to gain Domain Administrator privileges on the trusting domain by injecting SIDs from untrusted domains into the authorization data that comes from from the trusted domain.

Affected Platforms (CPE)

πŸ’»
Microsoft

Windows 2000

All versions
πŸ’»
Microsoft

Windows Nt

All versions

References & Advisories

πŸ”— http://www.securityfocus.com/bid/3997
πŸ”— https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-001
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/8023
πŸ”— https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A159
πŸ”— https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A64
πŸ”— http://www.securityfocus.com/bid/3997
πŸ”— https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-001
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/8023

Related Vulnerabilities

CVE-2000-103410.0

Buffer overflow in the System Monitor ActiveX control in Windows 2000 allows remote attackers to execute arbitrary commands via a ...

CVE-2001-014710.0

Buffer overflow in Windows 2000 event viewer snap-in allows attackers to execute arbitrary commands via a malformed field that is ...

CVE-2000-022210.0

The installation for Windows 2000 does not activate the Administrator password until the system has rebooted, which allows remote ...

CVE-2001-024110.0

Buffer overflow in Internet Printing ISAPI extension in Windows 2000 allows remote attackers to gain root privileges via a long pr...