Microsoft Windows XP allows attacker to execute programs using hotkeys without authentication
| winxp-hotkey-execute-programs (7713) |  Low Risk |
Description:
Microsoft Windows XP allows a local attacker to execute programs using hotkeys even when the system is locked. Only programs with a hotkey combination configured can be executed.
Consequences:
Gain Access
Remedy:
No remedy available as of June 1, 2013.
References:
- BugTraq Mailing List, Mon Dec 17 2001 - 13:24:33 CST: Hot keys permissions bypass under XP.
- BID-3703: Microsoft Windows XP Unauthorized Hotkey Program Execution Vulnerability
- CVE-2001-1200: Microsoft Windows XP allows local users to bypass a locked screen and run certain programs that are associated with Hot Keys.
- OSVDB ID: 13440: Microsoft Windows XP Hot Keys Screen Lock Bypass
Platforms Affected:
- Microsoft Windows XP
Reported:
Dec 17, 2001
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
For corrections or additions please email ignore thisxforceignore this@ignore thisus.ignore thisibm.comignore this