oval:org.mitre.oval:def:2495
Definition Id: oval:org.mitre.oval:def:2495 | |||
Oval ID: | oval:org.mitre.oval:def:2495 | ||
Title: | Windows Utility Manager Shatter Message Vulnerability II | ||
Description: | Utility Manager in Windows 2000 launches winhlp32.exe while Utility Manager is running with raised privileges, which allows local users to gain system privileges via a "Shatter" style attack that sends a Windows message to cause Utility Manager to launch winhlp32 by directly accessing the context sensitive help and bypassing the GUI, then sending another message to winhlp32 in order to open a user-selected file, a different vulnerability than CVE-2003-0908. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2004-0213 | Version: | 2 |
Platform(s): | Microsoft Windows 2000 | Product(s): | Utility Manager |
Definition Synopsis: | |||