First published: Mon Nov 04 2002(Updated: )
NetDDE Agent on Windows NT 4.0, 4.0 Terminal Server Edition, Windows 2000, and Windows XP allows local users to execute arbitrary code as LocalSystem via "shatter" style attack by sending a WM_COPYDATA message followed by a WM_TIMER message, as demonstrated by GetAd, aka "Flaw in Windows WM_TIMER Message Handling Could Enable Privilege Elevation."
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Microsoft Windows 2000 Terminal Services | =sp1 | |
Microsoft Windows 2000 | ||
Microsoft Windows 2000 | =sp2 | |
Microsoft Windows 2000 Terminal Services | =sp3 | |
Microsoft Windows 2000 | =sp1 | |
Microsoft Windows 2000 Terminal Services | ||
Microsoft Windows 2000 Terminal Services | =sp2 | |
Microsoft Windows 2000 | =sp3 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.