Info

Disclosure

Apr 13, 2004

Discovery

Unknown

Dates

Exploit

Unknown

Solution

Unknown

Description

Windows contains a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is triggered when an attacker is able to create a task which will execute with System privileges. This flaw may lead to a loss of integrity.

Classification

Location: Local Access Required
Attack Type: Authentication Management
Impact: Loss of Integrity
Exploit: Exploit Unknown
Disclosure: OSVDB Verified

Solution

Currently, there are no known workarounds or upgrades to correct this issue. However, Microsoft has released a patch to address this vulnerability.

Products

Microsoft Corporation	Windows	XP
		XP SP1
		XP 64-Bit SP1

References

OVAL ID: 1004
Bugtraq ID: 10125
Secunia Advisory ID: 11064
ISS X-Force ID: 15678 15818
CVE ID: 2003-0909 (see also: NVD)
CERT VU: 206468
Related OSVDB ID: 5248 5249 5250 5251 5252 5253 5254 5256 5257 5258 5259 5260 5261
Microsoft Security Bulletin: MS04-011
CIAC Advisory: o-114
US-CERT Cyber Security Alert: TA04-104A

Credit

Erik Kamphuis - logicacmg

Direct URL: http://osvdb.org/5255

Info

Disclosure

Discovery

Dates

Exploit

Solution

Description

Classification

Solution

Products

Microsoft Corporation

Windows

References

Credit