Local Code Execution Vulnerability in NetDDE Agent on Microsoft Windows
CVE-2002-1230

Currently unrated

Key Information:

Vendor

Microsoft
Status
Windows 2000 Terminal Services
Windows 2000
Vendor
CVE Published:
4 November 2002

What is CVE-2002-1230?

The NetDDE Agent software in multiple versions of Microsoft Windows allows local users to execute arbitrary code at the LocalSystem level through a vulnerability in the handling of WM_TIMER messages. By exploiting this weakness with a specially crafted WM_COPYDATA message followed by a WM_TIMER message, attackers can perform a 'shatter' style attack. This flaw potentially leads to privilege escalation, enabling unauthorized access to system resources.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.ciac.org/ciac/bulletins/n-027.shtml
third-party-advisorygovernment-resourcex_refsource_CIAC
http://www.securityfocus.com/bid/5927
vdb-entryx_refsource_BID
http://www.packetstormsecurity.nl/filedesc/GetAd.c.html
x_refsource_MISC

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.