{"api_version":"1","generated_at":"2026-04-23T04:09:40+00:00","cve":"CVE-2000-0502","urls":{"html":"https://cve.report/CVE-2000-0502","api":"https://cve.report/api/cve/CVE-2000-0502.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2000-0502","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2000-0502"},"summary":{"title":"CVE-2000-0502","description":"Mcafee VirusScan 4.03 does not properly restrict access to the alert text file before it is sent to the Central Alert Server, which allows local users to modify alerts in an arbitrary fashion.","state":"PUBLISHED","assigner":"mitre","published_at":"2000-06-08 04:00:00","updated_at":"2025-04-03 01:03:51"},"problem_types":["NVD-CWE-Other","n/a"],"metrics":[{"version":"2.0","source":"nvd@nist.gov","type":"Primary","score":"2.1","severity":"","vector":"AV:L/AC:L/Au:N/C:N/I:P/A:N","data":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:N/I:P/A:N","baseScore":2.1,"accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"}}],"references":[{"url":"http://archives.neohapsis.com/archives/bugtraq/2000-06/0038.html","name":"http://archives.neohapsis.com/archives/bugtraq/2000-06/0038.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"],"title":"","mime":"text/html","httpstatus":"-1","archivestatus":"200"},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/4641","name":"https://exchange.xforce.ibmcloud.com/vulnerabilities/4641","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"IBM X-Force Exchange","mime":"text/html","httpstatus":"200","archivestatus":"0"},{"url":"http://www.osvdb.org/6287","name":"http://www.osvdb.org/6287","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"","mime":"","httpstatus":"-1","archivestatus":"0"},{"url":"http://www.securityfocus.com/bid/1326","name":"http://www.securityfocus.com/bid/1326","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"],"title":"McAfee VirusScan 4.03 Alert File Vulnerability","mime":"text/html","httpstatus":"200","archivestatus":"0"},{"url":"https://www.cve.org/CVERecord?id=CVE-2000-0502","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2000-0502","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"n/a","product":"n/a","version":"affected n/a","platforms":[]}],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2000","cve_id":"502","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"mcafee","cpe5":"virusscan","cpe6":"4.0.3","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"adp":[{"providerMetadata":{"dateUpdated":"2024-08-08T05:21:30.581Z","orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE"},"references":[{"name":"mcafee-alerting-dos(4641)","tags":["vdb-entry","x_refsource_XF","x_transferred"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/4641"},{"name":"20000607 Mcafee Alerting DOS vulnerability","tags":["mailing-list","x_refsource_BUGTRAQ","x_transferred"],"url":"http://archives.neohapsis.com/archives/bugtraq/2000-06/0038.html"},{"name":"6287","tags":["vdb-entry","x_refsource_OSVDB","x_transferred"],"url":"http://www.osvdb.org/6287"},{"name":"1326","tags":["vdb-entry","x_refsource_BID","x_transferred"],"url":"http://www.securityfocus.com/bid/1326"}],"title":"CVE Program Container"}],"cna":{"affected":[{"product":"n/a","vendor":"n/a","versions":[{"status":"affected","version":"n/a"}]}],"datePublic":"2000-06-08T00:00:00.000Z","descriptions":[{"lang":"en","value":"Mcafee VirusScan 4.03 does not properly restrict access to the alert text file before it is sent to the Central Alert Server, which allows local users to modify alerts in an arbitrary fashion."}],"problemTypes":[{"descriptions":[{"description":"n/a","lang":"en","type":"text"}]}],"providerMetadata":{"dateUpdated":"2002-02-26T10:00:00.000Z","orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre"},"references":[{"name":"mcafee-alerting-dos(4641)","tags":["vdb-entry","x_refsource_XF"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/4641"},{"name":"20000607 Mcafee Alerting DOS vulnerability","tags":["mailing-list","x_refsource_BUGTRAQ"],"url":"http://archives.neohapsis.com/archives/bugtraq/2000-06/0038.html"},{"name":"6287","tags":["vdb-entry","x_refsource_OSVDB"],"url":"http://www.osvdb.org/6287"},{"name":"1326","tags":["vdb-entry","x_refsource_BID"],"url":"http://www.securityfocus.com/bid/1326"}],"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"cve@mitre.org","ID":"CVE-2000-0502","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"Mcafee VirusScan 4.03 does not properly restrict access to the alert text file before it is sent to the Central Alert Server, which allows local users to modify alerts in an arbitrary fashion."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"name":"mcafee-alerting-dos(4641)","refsource":"XF","url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/4641"},{"name":"20000607 Mcafee Alerting DOS vulnerability","refsource":"BUGTRAQ","url":"http://archives.neohapsis.com/archives/bugtraq/2000-06/0038.html"},{"name":"6287","refsource":"OSVDB","url":"http://www.osvdb.org/6287"},{"name":"1326","refsource":"BID","url":"http://www.securityfocus.com/bid/1326"}]}}}},"cveMetadata":{"assignerOrgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","assignerShortName":"mitre","cveId":"CVE-2000-0502","datePublished":"2003-04-02T05:00:00.000Z","dateReserved":"2000-07-11T00:00:00.000Z","dateUpdated":"2024-08-08T05:21:30.581Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"},"nvd":{"publishedDate":"2000-06-08 04:00:00","lastModifiedDate":"2025-04-03 01:03:51","problem_types":["NVD-CWE-Other","n/a"],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:N/I:P/A:N","baseScore":2.1,"accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"LOW","exploitabilityScore":3.9,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:mcafee:virusscan:4.0.3:*:*:*:*:*:*:*","matchCriteriaId":"A562D4A2-1E7E-4A43-8634-B8721DA8A9F8"}]}]}]},"legacy_mitre":{"record":{"CveYear":"2000","CveId":"502","Ordinal":"1","Title":"CVE-2000-0502","CVE":"CVE-2000-0502","Year":"2000"},"notes":[{"CveYear":"2000","CveId":"502","Ordinal":"1","NoteData":"Mcafee VirusScan 4.03 does not properly restrict access to the alert text file before it is sent to the Central Alert Server, which allows local users to modify alerts in an arbitrary fashion.","Type":"Description","Title":"CVE-2000-0502"},{"CveYear":"2000","CveId":"502","Ordinal":"2","NoteData":"2003-04-02","Type":"Other","Title":"Published"},{"CveYear":"2000","CveId":"502","Ordinal":"3","NoteData":"2002-02-26","Type":"Other","Title":"Modified"}]}}}