Definition
New Search
Windows Utility Manager Shatter Message Vulnerability
oval:org.mitre.oval:def:1046
The Utility Manager in Microsoft Windows 2000 executes winhlp32.exe with system privileges which allows local users to execute arbitrary code via a "Shatter" style attack using a Windows message that accesses the context sensitive help button in the GUI as demonstrated using the File Open dialog in the Help window a different vulnerability than CVE-2004-0213.
Family:
windows
Status:
ACCEPTED
Platform(s):
- Microsoft Windows 2000
Class:
vulnerability
Reference(s):
- CVE-2003-0908
Product(s):
- Utility Manager