4.6

CVE-2003-0350

EPSS 0.63%
Published 18.08.2003 04:00:00
Last modified 03.04.2025 01:03:51
Source cve@mitre.org
Teams watchlist Login
Open Login

The control for listing accessibility options in the Accessibility Utility Manager on Windows 2000 (ListView) does not properly handle Windows messages, which allows local users to execute arbitrary code via a "Shatter" style message to the Utility Manager that references a user-controlled callback function.

Affected products Warnungen 0 Metrics 2 CWE 0 References 10

Data is provided by the National Vulnerability Database (NVD)

Microsoft ≫ Windows 2000

Microsoft ≫ Windows 2000 Updatesp1

Microsoft ≫ Windows 2000 Updatesp2

Microsoft ≫ Windows 2000 Updatesp3

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.63%	0.694

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	4.6	3.9	6.4	AV:L/AC:L/Au:N/C:P/I:P/A:P

http://archives.neohapsis.com/archives/vulnwatch/2003-q3/0015.html

Patch

Vendor Advisory

http://marc.info/?l=bugtraq&m=105777681615939&w=2

http://www.ngssoftware.com/advisories/utilitymanager.txt

Patch

Vendor Advisory

http://www.securityfocus.com/bid/8154

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-025

https://exchange.xforce.ibmcloud.com/vulnerabilities/12543

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A451

https://nvd.nist.gov/vuln/detail/CVE-2003-0350

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2003-0350

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2003-0350

EUVD