| Vulnerability Name: | CVE-2002-1230 (CCN-10343) | ||||||||
| Assigned: | 2002-10-06 | ||||||||
| Published: | 2002-10-06 | ||||||||
| Updated: | 2019-04-30 | ||||||||
| Summary: | NetDDE Agent on Windows NT 4.0, 4.0 Terminal Server Edition, Windows 2000, and Windows XP allows local users to execute arbitrary code as LocalSystem via "shatter" style attack by sending a WM_COPYDATA message followed by a WM_TIMER message, as demonstrated by GetAd, aka "Flaw in Windows WM_TIMER Message Handling Could Enable Privilege Elevation." | ||||||||
| CVSS v3 Severity: | 5.9 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
| ||||||||
| CVSS v2 Severity: | 4.6 Medium (CVSS v2 Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P)
| ||||||||
| Vulnerability Type: | CWE-Other | ||||||||
| Vulnerability Consequences: | Gain Privileges | ||||||||
| References: | Source: MITRE Type: CNA CVE-2002-1230 Source: CCN Type: getad.chat.ru Security Advisory 10.06.2002 Source: MISC Type: UNKNOWN http://getad.chat.ru/ Source: CCN Type: BugTraq Mailing List, 2003-01-12 14:22:18 A patch for "Windows WM_TIMER Message Handling flaw" causes random crashes on Windows NT Source: CCN Type: White paper: Next-Generation W32 exploits: fundamental API flaws Exploiting design flaws in the Win32 API for privilege escalation. Source: CCN Type: CIAC Information Bulletin N-027 Flaw in Windows WM_TIMER Message Handling Source: CIAC Type: UNKNOWN N-027 Source: XF Type: Vendor Advisory win-netdde-gain-privileges(10343) Source: CCN Type: Microsoft Security Bulletin MS02-071 Flaw in Windows WM_TIMER Message Handling Could Enable Privilege Elevation (328310) Source: CCN Type: Microsoft Security Bulletin MS04-011 Security Update for Microsoft Windows (835732) Source: CCN Type: Microsoft Security Bulletin MS04-031 Vulnerability in NetDDE Could Allow Remote Code Execution (841533) Source: CCN Type: Microsoft Security Bulletin MS04-032 Security Update for Microsoft Windows (840987) Source: CCN Type: OSVDB ID: 13416 Microsoft Windows NetDDE Agent WM_COPYDATA Message Arbitrary Code Execution (shatter) Source: MISC Type: Vendor Advisory http://www.packetstormsecurity.nl/filedesc/GetAd.c.html Source: CCN Type: BID-5408 Microsoft Windows Window Message Subsystem Design Error Vulnerability Source: BID Type: UNKNOWN 5927 Source: CCN Type: BID-5927 Microsoft Windows NetDDE Privilege Escalation Vulnerability Source: MS Type: UNKNOWN MS02-071 Source: XF Type: UNKNOWN win-netdde-gain-privileges(10343) Source: OVAL Type: UNKNOWN oval:org.mitre.oval:def:681 | ||||||||
| Vulnerable Configuration: | Configuration 1: Configuration CCN 1:  Denotes that component is vulnerable | ||||||||
| Oval Definitions | |||||||||
| |||||||||
| BACK | |||||||||