PT-2004-1177 · Microsoft · Windows 2000

Ben Pryor

Published

2004-04-16

Updated

2018-10-12

CVE-2003-0908

CVSS v2.0

7.2

High

Vector

AV:L/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Microsoft Windows 2000

Description The issue allows local users to execute arbitrary code via a "Shatter" style attack. This is achieved by using a Windows message that accesses the context sensitive help button in the GUI, as demonstrated using the File Open dialog in the Help window.

Recommendations For Microsoft Windows 2000, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2003-0908

Affected Products

Windows 2000

PT-2004-1177 · Microsoft · Windows 2000

CVE-2003-0908

Related Identifiers

Affected Products

References · 12