ISS X-Force Database: win-mngmt-api-gain-privileges(16579): Microsoft Windows Window Management API allows elevated privileges

Microsoft Windows Window Management API allows elevated privileges

win-mngmt-api-gain-privileges (16579)

High Risk

Description:

Microsoft Windows could allow a local attacker to gain elevated privileges on the system, caused by a vulnerability with certain Window Management application programming interface (API) functions. A local attacker could create a specially-crafted program that modifies the properties of another program that is running with a higher level of privilege, which could allow the attacker to gain elevated privileges.

Consequences:

Gain Privileges

Remedy:

Apply the appropriate patch for your system, as listed in Microsoft Security Bulletin MS04-032. See References.

For Windows Server 2003:
Apply the appropriate patch for your system, as listed in Microsoft Security Bulletin MS05-018. See References.

Microsoft originally provided a patch for this vulnerability in MS04-032, but it was superseded by the patch released with MS05-018.

References:

BugTraq Mailing List, Wed Oct 13 2004 - 18:13:34 CDT: SetWindowLong Shatter Attacks.
CIAC Information Bulletin P-008: Microsoft Security Update for Microsoft Windows (840987).
Microsoft Security Bulletin MS04-032: Security Update for Microsoft Windows (840987).
Microsoft Security Bulletin MS05-018: Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege and Denial of Service (890859).
BID-11378: Microsoft Window Management API Local Privilege Escalation Vulnerability
CVE-2004-0207: Shatter style vulnerability in the Window Management application programming interface (API) for Microsoft Windows 98, Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 allows local users to gain privileges by using certain API functions to change properties of privileged programs using the SetWindowLong and SetWIndowLongPtr API functions.
US-CERT VU#218526: Microsoft Windows contains vulnerability in Window Management API

Platforms Affected:

Microsoft Windows 2000 SP3
Microsoft Windows 2000 SP4
Microsoft Windows 2003 Server x64
Microsoft Windows 2003 Server
Microsoft Windows 98
Microsoft Windows 98SE
Microsoft Windows Me
Microsoft Windows NT 4.0 SP6a Server
Microsoft Windows NT 4.0 SP6 Terminal Server
Microsoft Windows XP 2003 x64
Microsoft Windows XP
Microsoft Windows XP SP1
Microsoft Windows XP SP1 x64

Reported:

Oct 12, 2004

The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

For corrections or additions please email xforce@iss.net

Return to the main page