Описание
Utility Manager in Windows 2000 launches winhlp32.exe while Utility Manager is running with raised privileges, which allows local users to gain system privileges via a "Shatter" style attack that sends a Windows message to cause Utility Manager to launch winhlp32 by directly accessing the context sensitive help and bypassing the GUI, then sending another message to winhlp32 in order to open a user-selected file, a different vulnerability than CVE-2003-0908.
Ссылки
- Mailing List
- Third Party AdvisoryUS Government Resource
- Broken LinkPatchThird Party AdvisoryUS Government Resource
- PatchVendor Advisory
- Third Party AdvisoryVDB Entry
- Broken Link
- Mailing List
- Third Party AdvisoryUS Government Resource
- Broken LinkPatchThird Party AdvisoryUS Government Resource
- PatchVendor Advisory
- Third Party AdvisoryVDB Entry
- Broken Link
Уязвимые конфигурации
Одно из
EPSS
7.8 High
CVSS3
7.2 High
CVSS2
Дефекты
Связанные уязвимости
Utility Manager in Windows 2000 launches winhlp32.exe while Utility Manager is running with raised privileges, which allows local users to gain system privileges via a "Shatter" style attack that sends a Windows message to cause Utility Manager to launch winhlp32 by directly accessing the context sensitive help and bypassing the GUI, then sending another message to winhlp32 in order to open a user-selected file, a different vulnerability than CVE-2003-0908.
EPSS
7.8 High
CVSS3
7.2 High
CVSS2