View Definition
| Definition Id: oval:org.mitre.oval:def:2495 | Version: 2 Last Modified: 2007-01-11 | ||
| Title: | Windows Utility Manager Shatter Message Vulnerability II | ||
| Description: | Utility Manager in Windows 2000 launches winhlp32.exe while Utility Manager is running with raised privileges, which allows local users to gain system privileges via a "Shatter" style attack that sends a Windows message to cause Utility Manager to launch winhlp32 by directly accessing the context sensitive help and bypassing the GUI, then sending another message to winhlp32 in order to open a user-selected file, a different vulnerability than CVE-2003-0908. | ||
| Family: | windows | Class: | vulnerability |
| Status: | ACCEPTED | Reference(s): |
CVE-2004-0213
|
| Platform(s): | Microsoft Windows 2000 | Product(s): | Utility Manager |
| Definition Synopsis: | |||
