CVE-ID

CVE-2002-0699

• Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings
Description
Unknown vulnerability in the Certificate Enrollment ActiveX Control in Microsoft Windows 98, Windows 98 Second Edition, Windows Millennium, Windows NT 4.0, Windows 2000, and Windows XP allow remote attackers to delete digital certificates on a user's system via HTML.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
Date Entry Created
20020712 Disclaimer: The entry creation date may reflect when the CVE-ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Modified (20061101)
Votes (Legacy)
ACCEPT(4) Armstrong, Baker, Cole, Wall
MODIFY(2) Foat, Frech
NOOP(2) Christey, Cox
Comments (Legacy)
 Foat> Replace the word "Unknown" with "A" and change "allow" to "allows".
 Christey> The "Unknown" portion of the vulnerability statement is used
   to emphasize that the vendor has not provided sufficient
   information to understand the cause or nature of the problem.
   This is important because this vagueness makes it difficult
   or impossible to resolve it with vulnerability reports
   from other sources, increasing the risk of duplication.
   
   Most candidates affected by CD:VAGUE will use this description
   style.
 Christey> XF:win-certificate-enrollment-dos(9982)
   URL:http://www.iss.net/security_center/static/9982.php
   BID:5593
   URL:http://www.securityfocus.com/bid/5593
 Frech> XF:win-certificate-enrollment-dos(9982)

Proposed (Legacy)
20020830
This is an entry on the CVE list, which standardizes names for security problems.