4.6

CVE-2003-0350

EPSS 0.63%
Veröffentlicht 18.08.2003 04:00:00
Zuletzt bearbeitet 03.04.2025 01:03:51
Quelle cve@mitre.org
Teams Watchlist Login
Unerledigt Login

The control for listing accessibility options in the Accessibility Utility Manager on Windows 2000 (ListView) does not properly handle Windows messages, which allows local users to execute arbitrary code via a "Shatter" style message to the Utility Manager that references a user-controlled callback function.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 10

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Microsoft ≫ Windows 2000

Microsoft ≫ Windows 2000 Updatesp1

Microsoft ≫ Windows 2000 Updatesp2

Microsoft ≫ Windows 2000 Updatesp3

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.63%	0.694

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	4.6	3.9	6.4	AV:L/AC:L/Au:N/C:P/I:P/A:P

http://archives.neohapsis.com/archives/vulnwatch/2003-q3/0015.html

Patch

Vendor Advisory

http://marc.info/?l=bugtraq&m=105777681615939&w=2

http://www.ngssoftware.com/advisories/utilitymanager.txt

Patch

Vendor Advisory

http://www.securityfocus.com/bid/8154

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-025

https://exchange.xforce.ibmcloud.com/vulnerabilities/12543

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A451

https://nvd.nist.gov/vuln/detail/CVE-2003-0350

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2003-0350

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2003-0350

EUVD