• CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Unknown vulnerability in the Certificate Enrollment ActiveX Control in Microsoft Windows 98, Windows 98 Second Edition, Windows Millennium, Windows NT 4.0, Windows 2000, and Windows XP allow remote attackers to delete digital certificates on a user's system via HTML.
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
Assigning CNA
MITRE Corporation
Date Record Created
20020712 Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Modified (20061101)
Votes (Legacy)
ACCEPT(4) Armstrong, Baker, Cole, Wall
MODIFY(2) Foat, Frech
NOOP(2) Christey, Cox
Comments (Legacy)
 Foat> Replace the word "Unknown" with "A" and change "allow" to "allows".
 Christey> The "Unknown" portion of the vulnerability statement is used
   to emphasize that the vendor has not provided sufficient
   information to understand the cause or nature of the problem.
   This is important because this vagueness makes it difficult
   or impossible to resolve it with vulnerability reports
   from other sources, increasing the risk of duplication.
   Most candidates affected by CD:VAGUE will use this description
 Christey> XF:win-certificate-enrollment-dos(9982)
 Frech> XF:win-certificate-enrollment-dos(9982)

Proposed (Legacy)
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.