Local Privilege Escalation in Microsoft Windows
CVE-2004-0207

Currently unrated

Key Information:

Vendor: Microsoft
Status: Windows Nt; Windows 2000; Windows 2003 Server; Windows 98
Vendor: CVE Published:; 3 November 2004

Summary

This vulnerability allows local users to escalate their privileges by manipulating specific functions within the Windows Management API. By utilizing the SetWindowLong and SetWindowLongPtr API functions, unauthorized users can change the properties of privileged programs, potentially leading to unauthorized access and control over system functionalities. The issue affects multiple versions of Microsoft Windows, making it critical for users and administrators to apply security patches and updates to mitigate potential risks.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/16579

vdb-entryx_refsource_XF

http://marc.info/?l=bugtraq&m=109777417922695&w=2

mailing-listx_refsource_BUGTRAQ

http://www.kb.cert.org/vuls/id/218526

third-party-advisoryx_refsource_CERT-VN

Timeline

Vulnerability published
Nov 3, 2004
Vulnerability Reserved
Mar 11, 2004