PT-2003-1944 · Microsoft · Comctl32.Dll+1

Brett Moore

Published

2003-10-25

Updated

2017-07-11

CVE-2003-0897

CVSS v2.0

4.6

Medium

Vector

AV:L/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Windows XP

Description The issue allows local users to execute arbitrary code by sending specific button control messages to privileged applications. This can be achieved by sending (1) BCM GETTEXTMARGIN or (2) BCM SETTEXTMARGIN button control messages.

Recommendations For Windows XP, consider restricting access to privileged applications until a fix is available. As a temporary workaround, avoid using the BCM GETTEXTMARGIN and BCM SETTEXTMARGIN button control messages in applications that use the CommCtl32.dll library.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2003-0897

Affected Products

Comctl32.Dll

Windows Xp

PT-2003-1944 · Microsoft · Comctl32.Dll+1

CVE-2003-0897

Related Identifiers

Affected Products

References · 3