Lucene search

[email protected]NVD:CVE-2003-0350

HistoryAug 18, 2003 - 4:00 a.m.

CVE-2003-0350

2003-08-1804:00:00

[email protected]

web.nvd.nist.gov

CVSS2

4.6

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

AI Score

7.3

Confidence

High

EPSS

0.001

Percentile

20.6%

JSON

The control for listing accessibility options in the Accessibility Utility Manager on Windows 2000 (ListView) does not properly handle Windows messages, which allows local users to execute arbitrary code via a “Shatter” style message to the Utility Manager that references a user-controlled callback function.

Affected configurations

Nvd

Node

microsoftwindows_2000

microsoftwindows_2000sp1

microsoftwindows_2000sp2

microsoftwindows_2000sp3

References

archives.neohapsis.com/archives/vulnwatch/2003-q3/0015.html

marc.info/?l=bugtraq&m=105777681615939&w=2

www.ngssoftware.com/advisories/utilitymanager.txt

www.securityfocus.com/bid/8154

docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-025

exchange.xforce.ibmcloud.com/vulnerabilities/12543

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A451

CVSS2

4.6

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

AI Score

7.3

Confidence

High

EPSS

0.001

Percentile

20.6%

JSON

Related for NVD:CVE-2003-0350

nessus2 cvelist1 cve1