Lucene search

[email protected]CVE-2003-0897

HistoryNov 17, 2003 - 5:00 a.m.

CVE-2003-0897

2003-11-1705:00:00

[email protected]

web.nvd.nist.gov

vulnerability

shatter

commctl32.dll

windows xp

arbitrary code execution

nvd

7.6 High

AI Score

Confidence

Low

4.6 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

0.0004 Low

EPSS

Percentile

9.5%

JSON

“Shatter” vulnerability in CommCtl32.dll in Windows XP may allow local users to execute arbitrary code by sending (1) BCM_GETTEXTMARGIN or (2) BCM_SETTEXTMARGIN button control messages to privileged applications.

Affected configurations

NVD

Node

microsoftwindows_xpgold

CPENameOperatorVersion
microsoft:windows_xpmicrosoft windows xpeq*

CPE	Name	Operator	Version
microsoft:windows_xp	microsoft windows xp	eq	*

References

marc.info/?l=bugtraq&m=106692772510010&w=2

exchange.xforce.ibmcloud.com/vulnerabilities/13558

7.6 High

AI Score

Confidence

Low

4.6 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

0.0004 Low

EPSS

Percentile

9.5%

JSON

Related for CVE-2003-0897

cvelist1 nvd1