Oval Definition:oval:org.mitre.oval:def:1004
Revision Date:2011-05-16Version:49
Title:WinXP Management Vulnerability
Description:Windows XP allows local users to execute arbitrary programs by creating a task at an elevated privilege level through the eventtriggers.exe command-line tool or the Task Scheduler service, aka "Windows Management Vulnerability."
Family:windowsClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2003-0909
Platform(s):Microsoft Windows XP
Product(s):
Definition Synopsis
  • A vulnerable version of evtgprov.dll exists on XP
  • No service pack is installed, 32 bit Edition, and evtgprov.dll is less than 5.1.2600.136
  • NOT Win2K/XP/2003 is patched
  • AND 32-Bit version of Windows is installed
  • AND the version of evtgprov.dll is less than 5.1.2600.136
  • OR Affected evtgprov.dll versions on Windows XP SP1
  • Win2K/XP/2003/Vista service pack 1 is installed
  • AND the version of evtgprov.dll is less than 5.1.2600.1363
  • AND NOT the patch kb835732 is installed
  • AND Windows XP (sp1 or earlier) is installed
  • Windows XP is installed
  • AND NOT Win2K/XP/2003 service pack 2 (or later) is installed
    • BACK