CVE-2004-0213 : Utility Manager in Windows 2000 launches winhlp32.exe while Utility Manager is running with raised privileges, which all

Utility Manager in Windows 2000 launches winhlp32.exe while Utility Manager is running with raised privileges, which allows local users to gain system privileges via a "Shatter" style attack that sends a Windows message to cause Utility Manager to launch winhlp32 by directly accessing the context sensitive help and bypassing the GUI, then sending another message to winhlp32 in order to open a user-selected file, a different vulnerability than CVE-2003-0908.

Published 2004-08-06 04:00:00

Updated 2024-02-14 17:25:54

Source MITRE

View at NVD, CVE.org

Exploit prediction scoring system (EPSS) score for CVE-2004-0213

Probability of exploitation activity in the next 30 days: 1.20%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 85 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2004-0213

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
7.2	HIGH	AV:L/AC:L/Au:N/C:C/I:C/A:C	3.9	10.0	NIST
Access Vector: Local Access Complexity: Low Authentication: None Confidentiality Impact: Complete Integrity Impact: Complete Availability Impact: Complete
7.8	HIGH	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H	1.8	5.9	NIST
Attack Vector: Local Attack Complexity: Low Privileges Required: Low User Interaction: None Scope: Unchanged Confidentiality: High Integrity: High Availability: High

CWE ids for CVE-2004-0213

CWE-306 Missing Authentication for Critical Function

The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2004-0213

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-019

Microsoft Security Bulletin MS04-019 - Important | Microsoft Learn
Patch;Vendor Advisory
http://www.us-cert.gov/cas/techalerts/TA04-196A.html

Page Not Found | CISA
Broken Link;Patch;Third Party Advisory;US Government Resource

CVEs referencing this url
http://marc.info/?l=bugtraq&m=108975382413405&w=2

'Microsoft Window Utility Manager Local Elevation of Privileges' - MARC
Mailing List
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2495

404 Not Found
Broken Link
http://www.kb.cert.org/vuls/id/868580

VU#868580 - Microsoft Windows Utility Manager launches applications with system privileges
Third Party Advisory;US Government Resource
https://exchange.xforce.ibmcloud.com/vulnerabilities/16592

Microsoft Windows Utility Manager gain privileges CVE-2004-0213 Vulnerability Report
Third Party Advisory;VDB Entry

Products affected by CVE-2004-0213

Microsoft » Windows 2000 » Version: N/A Update SP2
cpe:2.3:o:microsoft:windows_2000:-:sp2:*:*:*:*:*:*
Matching versions
Microsoft » Windows 2000 » Version: N/A Update SP3
cpe:2.3:o:microsoft:windows_2000:-:sp3:*:*:*:*:*:*
Matching versions
Microsoft » Windows 2000 » Version: N/A Update SP4
cpe:2.3:o:microsoft:windows_2000:-:sp4:*:*:*:*:*:*
Matching versions

Vulnerability Details : CVE-2004-0213

Exploit prediction scoring system (EPSS) score for CVE-2004-0213

CVSS scores for CVE-2004-0213

CWE ids for CVE-2004-0213

References for CVE-2004-0213

Products affected by CVE-2004-0213