oval:org.mitre.oval:def:451

Definition Id: oval:org.mitre.oval:def:451

Oval ID:	oval:org.mitre.oval:def:451
Title:	Windows ListView Shatter Message Vulnerability
Description:	The control for listing accessibility options in the Accessibility Utility Manager on Windows 2000 (ListView) does not properly handle Windows messages, which allows local users to execute arbitrary code via a "Shatter" style message to the Utility Manager that references a user-controlled callback function.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2003-0350	Version:	7
Platform(s):	Microsoft Windows 2000	Product(s):	Utilities Manager/Windows Messaging
Definition Synopsis:
Windows 2000 is installed AND the version of sp3res.dll is less than 5.0.2195.6713 AND the version of umandlg.dll is less than 1.0.0.3 AND NOT Patch KB822679 Installed AND NOT SP4 or later Installed