CVE-2002-1230: CVE-2002-1230

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2002-1230

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

NetDDE Agent on Windows NT 4.0, 4.0 Terminal Server Edition, Windows 2000, and Windows XP allows local users to execute arbitrary code as LocalSystem via "shatter" style attack by sending a WM_COPYDATA message followed by a WM_TIMER message, as demonstrated by GetAd, aka "Flaw in Windows WM_TIMER Message Handling Could Enable Privilege Elevation."

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

Windows WM_TIMER消息处理权限提升漏洞(MS02-071)

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Windows消息提供对用户事件的交互处理(如击键或鼠标移动)和与其他交互进程通信。WM_TIMER消息一般在某一计时器超时时发送，可以用来使进程执行计时回调函数。 WM_TIMER消息存在安全问题，本地或者利用终端服务访问攻击者可以利用这个漏洞使用WM_TIMER消息利用其他高权限进程执行回调函数，造成权限提升。 WM_TIMER的安全漏洞可以导致在交互桌面上的某一进程使用WM_TIME消息，触发另一进程在它选择的地址上执行回调函数，而且即使第二个进程没有设置任何计时器。如果第二个进程的权限高于第一个，

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2002-1230

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2002-1230

Please Login to view more intelligence information

http://www.packetstormsecurity.nl/filedesc/GetAd.c.htmlx_refsource_MISC
http://getad.chat.ru/x_refsource_MISC
http://www.securityfocus.com/bid/5927vdb-entryx_refsource_BID
http://www.ciac.org/ciac/bulletins/n-027.shtmlthird-party-advisorygovernment-resourcex_refsource_CIAC
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-071vendor-advisoryx_refsource_MS
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A681vdb-entrysignaturex_refsource_OVAL
http://www.iss.net/security_center/static/10343.phpvdb-entryx_refsource_XF
https://nvd.nist.gov/vuln/detail/CVE-2002-1230

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2002-1230

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

I. Basic Information for CVE-2002-1230

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2002-1230

III. Intelligence Information for CVE-2002-1230

IV. Related Vulnerabilities

V. Comments for CVE-2002-1230

Leave a comment