Insecure Storage of Security Scans in Microsoft Baseline Security Analyzer (MBSA) 1.0

Insecure Storage of Security Scans in Microsoft Baseline Security Analyzer (MBSA) 1.0

CVE-2002-1762 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

Microsoft Baseline Security Analyzer (MBSA) 1.0 stores security scans in a known location C:\Documents and Settings\username\SecurityScans in plaintext, which could allow remote attackers to obtain sensitive information about the system via malicious active content such as ActiveX controls or Java.

Learn more about our User Device Pen Test.