CVE-2003-0897

Name of the Vulnerable Software and Affected Versions Windows XP

Description The issue allows local users to execute arbitrary code by sending specific button control messages to privileged applications. This can be achieved by sending (1) BCM GETTEXTMARGIN or (2) BCM SETTEXTMARGIN button control messages.

Recommendations For Windows XP, consider restricting access to privileged applications until a fix is available. As a temporary workaround, avoid using the BCM GETTEXTMARGIN and BCM SETTEXTMARGIN button control messages in applications that use the CommCtl32.dll library.