CVE-2001-1238

HIGH

Windows 2000 - Privilege Escalation

Title source: llm

Description

Task Manager in Windows 2000 does not allow local users to end processes with uppercase letters named (1) winlogon.exe, (2) csrss.exe, (3) smss.exe and (4) services.exe via the Process tab which could allow local users to install Trojan horses that cannot be stopped with the Task Manager.

References (3)

[Broken Link, Third Party Advisory, VDB Entry, Vendor Advisory] http://www.securityfocus.com/archive/1/197195

[Broken Link, Patch, Third Party Advisory, VDB Entry, Vendor Advisory] http://www.securityfocus.com/bid/3033

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/6919

Scores

CVSS v3 7.8

EPSS 0.0051

EPSS Percentile 66.6%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-178

Status published

Products (1)

microsoft/windows_2000

Published Jul 16, 2001

Tracked Since Feb 18, 2026