Windows Event Log Size Notification Vulnerability

Windows Event Log Size Notification Vulnerability

CVE-2002-1932 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

Microsoft Windows XP and Windows 2000, when configured to send administrative alerts and the "Do not overwrite events (clear log manually)" option is set, does not notify the administrator when the log reaches its maximum size, which allows local users and remote attackers to avoid detection.

Learn more about our User Device Pen Test.