VAR-199912-0149
Vulnerability from variot - Updated: 2023-12-18 14:02The default configurations for McAfee Virus Scan and Norton Anti-Virus virus checkers do not check files in the RECYCLED folder that is used by the Windows Recycle Bin utility, which allows attackers to store malicious code without detection. Many commercial virus scanners for Windows platforms exclude the Recycled folder on the hard drive from their scans. The Recycled folder is where Win9x operating systems keep files that have been deleted via the GUI but not purged from the Recycle Bin. Files of any nature can be manually placed in the Recycled folder. Therefore, it is possible for any user or program to put code into that folder that will never be subject to virus scans. Although WinNT makes use of a folder called 'Recycler' for similar purposes, many virus scanners for NT still have the 'Recycled' folder listed in the exclusions. Note that other virus scanners than those listed under the 'info' tab may be vulnerable as well. document
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-199912-0149",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "norton antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "*"
},
{
"model": "virusscan",
"scope": "eq",
"trust": 1.0,
"vendor": "mcafee",
"version": "*"
},
{
"model": "norton antivirus",
"scope": null,
"trust": 0.6,
"vendor": "symantec",
"version": null
},
{
"model": "norton antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "2000"
},
{
"model": "associates virusscan for windows nt a",
"scope": "eq",
"trust": 0.3,
"vendor": "network",
"version": "4.0.3"
},
{
"model": "associates virusscan for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "network",
"version": "4.0.2"
},
{
"model": "virusscan",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "4.0"
},
{
"model": "norton antivirus",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "5.0"
},
{
"model": "norton antivirus for nt",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "4.0"
},
{
"model": "inoculan for windows nt",
"scope": "ne",
"trust": 0.3,
"vendor": "cheyenne",
"version": "4.0"
}
],
"sources": [
{
"db": "BID",
"id": "956"
},
{
"db": "NVD",
"id": "CVE-2000-0119"
},
{
"db": "CNNVD",
"id": "CNNVD-199912-076"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:mcafee:virusscan:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:norton_antivirus:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2000-0119"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Originally posted to NTBugtraq by Neil Bortnak.",
"sources": [
{
"db": "BID",
"id": "956"
},
{
"db": "CNNVD",
"id": "CNNVD-199912-076"
}
],
"trust": 0.9
},
"cve": "CVE-2000-0119",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "VHN-1698",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2000-0119",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-199912-076",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-1698",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-1698"
},
{
"db": "NVD",
"id": "CVE-2000-0119"
},
{
"db": "CNNVD",
"id": "CNNVD-199912-076"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The default configurations for McAfee Virus Scan and Norton Anti-Virus virus checkers do not check files in the RECYCLED folder that is used by the Windows Recycle Bin utility, which allows attackers to store malicious code without detection. Many commercial virus scanners for Windows platforms exclude the Recycled folder on the hard drive from their scans. The Recycled folder is where Win9x operating systems keep files that have been deleted via the GUI but not purged from the Recycle Bin. Files of any nature can be manually placed in the Recycled folder. Therefore, it is possible for any user or program to put code into that folder that will never be subject to virus scans. \nAlthough WinNT makes use of a folder called \u0027Recycler\u0027 for similar purposes, many virus scanners for NT still have the \u0027Recycled\u0027 folder listed in the exclusions. \nNote that other virus scanners than those listed under the \u0027info\u0027 tab may be vulnerable as well. document",
"sources": [
{
"db": "NVD",
"id": "CVE-2000-0119"
},
{
"db": "BID",
"id": "956"
},
{
"db": "VULHUB",
"id": "VHN-1698"
}
],
"trust": 1.26
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-1698",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-1698"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2000-0119",
"trust": 2.0
},
{
"db": "CNNVD",
"id": "CNNVD-199912-076",
"trust": 0.7
},
{
"db": "BUGTRAQ",
"id": "20000130 BYPASS VIRUS CHECKING",
"trust": 0.6
},
{
"db": "BID",
"id": "956",
"trust": 0.4
},
{
"db": "SEEBUG",
"id": "SSVID-73649",
"trust": 0.1
},
{
"db": "EXPLOIT-DB",
"id": "19733",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-1698",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-1698"
},
{
"db": "BID",
"id": "956"
},
{
"db": "NVD",
"id": "CVE-2000-0119"
},
{
"db": "CNNVD",
"id": "CNNVD-199912-076"
}
]
},
"id": "VAR-199912-0149",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-1698"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T14:02:56.737000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2000-0119"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=94936267131123\u0026w=2"
},
{
"trust": 0.6,
"url": "http://marc.theaimsgroup.com/?l=bugtraq\u0026m=94936267131123\u0026w=2"
},
{
"trust": 0.3,
"url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026date=2000-01-29\u0026thread=3895202f.a89c9f57@bortnak.com"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=94936267131123\u0026amp;w=2"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-1698"
},
{
"db": "BID",
"id": "956"
},
{
"db": "NVD",
"id": "CVE-2000-0119"
},
{
"db": "CNNVD",
"id": "CNNVD-199912-076"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-1698"
},
{
"db": "BID",
"id": "956"
},
{
"db": "NVD",
"id": "CVE-2000-0119"
},
{
"db": "CNNVD",
"id": "CNNVD-199912-076"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "1999-12-22T00:00:00",
"db": "VULHUB",
"id": "VHN-1698"
},
{
"date": "1999-12-22T00:00:00",
"db": "BID",
"id": "956"
},
{
"date": "1999-12-22T05:00:00",
"db": "NVD",
"id": "CVE-2000-0119"
},
{
"date": "1999-12-22T00:00:00",
"db": "CNNVD",
"id": "CNNVD-199912-076"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-10-18T00:00:00",
"db": "VULHUB",
"id": "VHN-1698"
},
{
"date": "2009-07-11T01:56:00",
"db": "BID",
"id": "956"
},
{
"date": "2016-10-18T02:06:31.247000",
"db": "NVD",
"id": "CVE-2000-0119"
},
{
"date": "2005-10-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-199912-076"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-199912-076"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Virus Scanning Recycle Bin Exclusions for Multiple Vendors",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-199912-076"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-199912-076"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…