Back to search
CVE-2003-0350
Published: Jul 10, 2003
Modified: Aug 8, 2024
PUBLISHED
Description
The control for listing accessibility options in the Accessibility Utility Manager on Windows 2000 (ListView) does not properly handle Windows messages, which allows local users to execute arbitrary code via a "Shatter" style message to the Utility Manager that references a user-controlled callback function.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
http://www.ngssoftware.com/advisories/utilitymanager.txt
x_refsource_MISC
win2k-accessibility-gain-privileges(12543)
vdb-entry
x_refsource_XF
oval:org.mitre.oval:def:451
vdb-entry
signature
x_refsource_OVAL
MS03-025
vendor-advisory
x_refsource_MS
20030709 Microsoft Utility Manager Local Privilege Escalation
mailing-list
x_refsource_VULNWATCH
20030709 Microsoft Utility Manager Local Privilege Escalation
mailing-list
x_refsource_BUGTRAQ
8154
vdb-entry
x_refsource_BID
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now