3 matches found
CVE-2003-0908
The Utility Manager in Microsoft Windows 2000 executes winhlp32.exe with system privileges, which allows local users to execute arbitrary code via a "Shatter" style attack using a Windows message that accesses the context sensitive help button in the GUI, as demonstrated using the File Open dialo...
CVE-2003-0908
CVE-2003-0908 describes a local privilege-elevation issue in Windows 2000 where Utility Manager can be coerced to launch winhlp32.exe with SYSTEM privileges via crafted Windows messages targeting the Help button, enabling arbitrary code execution (as shown in a Shatter-style vector). Connected so...
CVE-2003-0908
The Utility Manager in Microsoft Windows 2000 executes winhlp32.exe with system privileges, which allows local users to execute arbitrary code via a "Shatter" style attack using a Windows message that accesses the context sensitive help button in the GUI, as demonstrated using the File Open dialo...