CVE-2003-0350 - OpenCVE

The control for listing accessibility options in the Accessibility Utility Manager on Windows 2000 (ListView) does not properly handle Windows messages, which allows local users to execute arbitrary code via a "Shatter" style message to the Utility Manager that references a user-controlled callback function.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:L/AC:L/Au:N/C:P/I:P/A:P

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Microsoft	Windows 2000

Configuration 1 [-]

OR	cpe:2.3:o:microsoft:windows_2000::::::::
	cpe:2.3:o:microsoft:windows_2000::sp1::::::*
	cpe:2.3:o:microsoft:windows_2000::sp2::::::*
	cpe:2.3:o:microsoft:windows_2000::sp3::::::*

No data.

References

Link	Providers
http://archives.neohapsis.com/archives/vulnwatch/2003-q3/0015.html
http://marc.info/?l=bugtraq&m=105777681615939&w=2
http://www.ngssoftware.com/advisories/utilitymanager.txt
http://www.securityfocus.com/bid/8154
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-025
https://exchange.xforce.ibmcloud.com/vulnerabilities/12543
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A451

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2003-07-10T04:00:00

Updated: 2024-08-08T01:50:47.702Z

Reserved: 2003-05-28T00:00:00

Link: CVE-2003-0350

Vulnrichment

No data.

NVD

Status : Modified

Published: 2003-08-18T04:00:00.000

Modified: 2019-04-30T14:27:13.710

Link: CVE-2003-0350

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2003-07-09T00:00:00", "descriptions": [{"lang": "en", "value": "The control for listing accessibility options in the Accessibility Utility Manager on Windows 2000 (ListView) does not properly handle Windows messages, which allows local users to execute arbitrary code via a \"Shatter\" style message to the Utility Manager that references a user-controlled callback function."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-12T19:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "http://www.ngssoftware.com/advisories/utilitymanager.txt"}, {"name": "win2k-accessibility-gain-privileges(12543)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/12543"}, {"name": "oval:org.mitre.oval:def:451", "tags": ["vdb-entry", "signature", "x_refsource_OVAL"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A451"}, {"name": "MS03-025", "tags": ["vendor-advisory", "x_refsource_MS"], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-025"}, {"name": "20030709 Microsoft Utility Manager Local Privilege Escalation", "tags": ["mailing-list", "x_refsource_VULNWATCH"], "url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q3/0015.html"}, {"name": "20030709 Microsoft Utility Manager Local Privilege Escalation", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://marc.info/?l=bugtraq&m=105777681615939&w=2"}, {"name": "8154", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/8154"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2003-0350", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The control for listing accessibility options in the Accessibility Utility Manager on Windows 2000 (ListView) does not properly handle Windows messages, which allows local users to execute arbitrary code via a \"Shatter\" style message to the Utility Manager that references a user-controlled callback function."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://www.ngssoftware.com/advisories/utilitymanager.txt", "refsource": "MISC", "url": "http://www.ngssoftware.com/advisories/utilitymanager.txt"}, {"name": "win2k-accessibility-gain-privileges(12543)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/12543"}, {"name": "oval:org.mitre.oval:def:451", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A451"}, {"name": "MS03-025", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-025"}, {"name": "20030709 Microsoft Utility Manager Local Privilege Escalation", "refsource": "VULNWATCH", "url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q3/0015.html"}, {"name": "20030709 Microsoft Utility Manager Local Privilege Escalation", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq&m=105777681615939&w=2"}, {"name": "8154", "refsource": "BID", "url": "http://www.securityfocus.com/bid/8154"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-08T01:50:47.702Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.ngssoftware.com/advisories/utilitymanager.txt"}, {"name": "win2k-accessibility-gain-privileges(12543)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/12543"}, {"name": "oval:org.mitre.oval:def:451", "tags": ["vdb-entry", "signature", "x_refsource_OVAL", "x_transferred"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A451"}, {"name": "MS03-025", "tags": ["vendor-advisory", "x_refsource_MS", "x_transferred"], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-025"}, {"name": "20030709 Microsoft Utility Manager Local Privilege Escalation", "tags": ["mailing-list", "x_refsource_VULNWATCH", "x_transferred"], "url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q3/0015.html"}, {"name": "20030709 Microsoft Utility Manager Local Privilege Escalation", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://marc.info/?l=bugtraq&m=105777681615939&w=2"}, {"name": "8154", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/8154"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2003-0350", "datePublished": "2003-07-10T04:00:00", "dateReserved": "2003-05-28T00:00:00", "dateUpdated": "2024-08-08T01:50:47.702Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows_2000:*:*:*:*:*:*:*:*", "matchCriteriaId": "4E545C63-FE9C-4CA1-AF0F-D999D84D2AFD", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp1:*:*:*:*:*:*", "matchCriteriaId": "294EBA01-147B-4DA0-937E-ACBB655EDE53", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "4E8B7346-F2AA-434C-A048-7463EC1BB117", "vulnerable": true}, {"criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp3:*:*:*:*:*:*", "matchCriteriaId": "BE1A6107-DE00-4A1C-87FC-9E4015165B5B", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The control for listing accessibility options in the Accessibility Utility Manager on Windows 2000 (ListView) does not properly handle Windows messages, which allows local users to execute arbitrary code via a \"Shatter\" style message to the Utility Manager that references a user-controlled callback function."}, {"lang": "es", "value": "El control para el listado de opciones de accesibilidad en el Accessibility Utility Manager de Windows 2000 (ListView) no maneja adecuadamente los mensajes de Windows, lo cual permite a usuarios locales la ejecuci\u00f3n de c\u00f3digo arbitrario mediante un mensaje de estilo al manejador de utilidades que referencia a una funci\u00f3n de retrollamada controlada por el usuario."}], "id": "CVE-2003-0350", "lastModified": "2019-04-30T14:27:13.710", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.6, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": true, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2003-08-18T04:00:00.000", "references": [{"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q3/0015.html"}, {"source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq&m=105777681615939&w=2"}, {"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.ngssoftware.com/advisories/utilitymanager.txt"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/8154"}, {"source": "cve@mitre.org", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-025"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/12543"}, {"source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A451"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}