Microsoft Distributed Transaction Coordinator Service Isolation Vulnerability
Microsoft Windows XP Professional SP2 Vista and Server 2003 and 2008 does not properly assign activities to the (1) NetworkService and (2) LocalService accounts which might allow context-dependent attackers to gain privileges by using one service process to capture a resource from a second service process that has a LocalSystem privilege-escalation ability related to improper management of the SeImpersonatePrivilege user right as originally reported for Internet Information Services (IIS) aka Token Kidnapping.
- Microsoft Windows Vista
- Microsoft Windows Server 2008
- Microsoft Windows XP
- Microsoft Windows 2000
- Microsoft Windows Server 2003
- Microsoft Distributed Transaction Coordinator