Description
The software does not properly verify the source of a message in the Windows Messaging System while running at elevated privileges, creating an alternate channel through which an attacker can directly send a message to the product.
Modes of Introduction:
– Architecture and Design
Related Weaknesses
CWE-420
CWE-360
Consequences
Access Control: Gain Privileges or Assume Identity, Bypass Protection Mechanism
Potential Mitigations
Phase: Architecture and Design
Description:
Always verify and authenticate the source of the message.
CVE References
- CVE-2003-0350
- A control allows a change to a pointer for a callback function using Windows message.
- CVE-2003-0908
- Product launches Help functionality while running with raised privileges, allowing command execution using Windows message to access “open file” dialog.
- CVE-2004-0213
- Attacker uses Shatter attack to bypass GUI-enforced protection for CVE-2003-0908.
- CVE-2004-0207
- User can call certain API functions to modify certain properties of privileged programs.
