Microsoft · Windows 2000 · CVE-2003-0350
Name of the Vulnerable Software and Affected Versions:
Windows 2000
Description:
The issue concerns the Accessibility Utility Manager on Windows, where the control for listing accessibility options does not properly handle Windows messages. This allows local users to execute arbitrary code via a specific style message to the Utility Manager that references a user-controlled callback function, known as a "Shatter" style message.
Recommendations:
For Windows 2000, at the moment, there is no information about a newer version that contains a fix for this vulnerability.