Microsoft Windows 2000 Network Dynamic Data Exchange (DDE) executes code as Local System

Overview The Windows 2000 Network DDE agent permits local users to execute commands with system privileges. Description Dynamic Data Exchange DDE is an interprocess communication mechanism used in Microsoft Windows. A DDE share is an area of memory which is used to store and retrieve data. Networ...

CVE-2001-0015

CVE-2001-0015 affects Windows 2000 via the Network Dynamic Data Exchange (DDE) component. The vulnerability allows a local attacker to elevate privileges to Local System by sending a WM_COPYDATA message to an invisible DDE window that runs with WINLOGON privileges, enabling arbitrary command exec...

Дырка в Windows 2000 (Network DDE Agent privilege elevation)

Network DDE Agent выполняет запросы клинтской программы в контексте локальной системы вместо контекста запрашивающего пользователя...

Security Bulletin MS01-007

---------------------------------------------------------------------- Title: Patch Available for "Network DDE Agent Request" Vulnerability Date: 05 February 2001 Software: Windows 2000 Impact: Privilege elevation Bulletin: MS01-007 Microsoft encourages customers to review the Security Bulletin...