Executive Summary
Informations | |||
---|---|---|---|
Name | CVE-2003-0350 | First vendor Publication | 2003-08-18 |
Vendor | Cve | Last vendor Modification | 2019-04-30 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:L/AC:L/Au:N/C:P/I:P/A:P) | |||
---|---|---|---|
Cvss Base Score | 4.6 | Attack Range | Local |
Cvss Impact Score | 6.4 | Attack Complexity | Low |
Cvss Expoit Score | 3.9 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
The control for listing accessibility options in the Accessibility Utility Manager on Windows 2000 (ListView) does not properly handle Windows messages, which allows local users to execute arbitrary code via a "Shatter" style message to the Utility Manager that references a user-controlled callback function. |
Original Source
Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0350 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:451 | |||
Oval ID: | oval:org.mitre.oval:def:451 | ||
Title: | Windows ListView Shatter Message Vulnerability | ||
Description: | The control for listing accessibility options in the Accessibility Utility Manager on Windows 2000 (ListView) does not properly handle Windows messages, which allows local users to execute arbitrary code via a "Shatter" style message to the Utility Manager that references a user-controlled callback function. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2003-0350 | Version: | 7 |
Platform(s): | Microsoft Windows 2000 | Product(s): | Utilities Manager/Windows Messaging |
Definition Synopsis: | |||
CPE : Common Platform Enumeration
Type | Description | Count |
---|---|---|
Os | 4 |
OpenVAS Exploits
Date | Description |
---|---|
2009-03-15 | Name : MS04-011 security check File : nvt/remote-MS04-011.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
13410 | Microsoft Windows 2000 Accessibility Utility Manager Arbitrary Code Execution |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2007-10-05 | Name : The remote system is not up to date. File : service_pack_not_installed.nasl - Type : ACT_GATHER_INFO |
2003-07-13 | Name : A local user can elevate his privileges. File : smb_nt_ms03-025.nasl - Type : ACT_GATHER_INFO |
2000-10-10 | Name : The remote system has the latest service pack installed. File : smb_reg_service_pack_W2K.nasl - Type : ACT_GATHER_INFO |
Sources (Detail)
Alert History
Date | Informations |
---|---|
2021-05-04 12:01:58 |
|
2021-04-22 01:02:09 |
|
2020-05-23 00:15:24 |
|
2019-04-30 21:19:17 |
|
2018-10-13 00:22:27 |
|
2018-06-22 12:01:30 |
|
2017-10-11 09:23:17 |
|
2017-07-11 12:01:16 |
|
2016-10-18 12:01:11 |
|
2016-04-26 12:32:46 |
|
2014-02-17 10:26:09 |
|
2013-05-11 11:51:07 |
|