CVE-2004-0207

high

Description

"Shatter" style vulnerability in the Window Management application programming interface (API) for Microsoft Windows 98, Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 allows local users to gain privileges by using certain API functions to change properties of privileged programs using the SetWindowLong and SetWIndowLongPtr API functions.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/17658

https://exchange.xforce.ibmcloud.com/vulnerabilities/16579

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-032

http://www.kb.cert.org/vuls/id/218526

http://marc.info/?l=bugtraq&m=109777417922695&w=2

Details

Source: Mitre, NVD

Published: 2004-11-03

Updated: 2018-10-12

Risk Information

CVSS v2

Base Score: 2.1

Vector: CVSS2#AV:L/AC:L/Au:N/C:N/I:P/A:N

Severity: Low

CVSS v3

Base Score: 7.8

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Severity: High