|
|
CVE Reference: CVE-2003-0908 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2003-0908 |
|
|
Description: The Utility Manager in Microsoft Windows 2000 executes winhlp32.exe with system privileges, which allows local users to execute arbitrary code via a "Shatter" style attack using a Windows message that accesses the context sensitive help button in the GUI, as demonstrated using the File Open dialog in the Help window, a different vulnerability than CVE-2004-0213. |
|
|
CVE Status: Candidate |
|
|
References: XF http://xforce.iss.net/xforce/xfdb/15632 VULNWATCH http://archives.neohapsis.com/archives/vulnwatch/2004-q1/0082.html OVAL http://oval.mitre.org/oval/definitions/data/oval1046.html MS http://www.microsoft.com/technet/security/bulletin/ms04-011.mspx MISC http://www.securiteam.com/windowsntfocus/5LP0C2ACKU.html http://www.appsecinc.com/resources/alerts/general/04-0001.html CIAC http://www.ciac.org/ciac/bulletins/o-114.shtml CERT-VN 526084 CERT http://www.us-cert.gov/cas/techalerts/TA04-104A.html BID 10124 |
|
| Return to the previous page. |
