CWE-422
Unprotected Windows Messaging Channel ('Shatter')
Draft
2006-07-19
00h00 +00:00
00h00 +00:00
2023-06-29
00h00 +00:00
00h00 +00:00
Notifications pour un CWE
Restez informé de toutes modifications pour un CWE spécifique.
Nom: Unprotected Windows Messaging Channel ('Shatter')
The product does not properly verify the source of a message in the Windows Messaging System while running at elevated privileges, creating an alternate channel through which an attacker can directly send a message to the product.
Informations générales
Modes d'introduction
Architecture and DesignPlateformes applicables
Langue
Class: Not Language-Specific (Undetermined)Conséquences courantes
| Portée | Impact | Probabilité |
|---|---|---|
| Access Control | Gain Privileges or Assume Identity, Bypass Protection Mechanism |
Exemples observés
| Références | Description |
|---|---|
CVE-2002-0971 | Bypass GUI and access restricted dialog box. |
CVE-2002-1230 | Gain privileges via Windows message. |
CVE-2003-0350 | A control allows a change to a pointer for a callback function using Windows message. |
CVE-2003-0908 | Product launches Help functionality while running with raised privileges, allowing command execution using Windows message to access "open file" dialog. |
CVE-2004-0213 | Attacker uses Shatter attack to bypass GUI-enforced protection for CVE-2003-0908. |
CVE-2004-0207 | User can call certain API functions to modify certain properties of privileged programs. |
Mesures d’atténuation potentielles
Phases : Architecture and DesignAlways verify and authenticate the source of the message.
Notes de cartographie des vulnérabilités
Justification : This CWE entry is at the Variant level of abstraction, which is a preferred level of abstraction for mapping to the root causes of vulnerabilities.Commentaire : Carefully read both the name and description to ensure that this mapping is an appropriate fit. Do not try to 'force' a mapping to a lower-level Base/Variant simply to comply with this preferred level of abstraction.
NotesNotes
Overlaps privilege errors and UI errors.Possibly under-reported, probably under-studied. It is suspected that a number of publicized vulnerabilities that involve local privilege escalation on Windows systems may be related to Shatter attacks, but they are not labeled as such.
Alternate channel attacks likely exist in other operating systems and messaging models, e.g. in privileged X Windows applications, but examples are not readily available.
Références
REF-402
Exploiting design flaws in the Win32 API for privilege escalation. Or... Shatter Attacks - How to break WindowsPaget.
http://web.archive.org/web/20060115174629/http://security.tombom.co.uk/shatter.html
REF-62
The Art of Software Security AssessmentMark Dowd, John McDonald, Justin Schuh.
REF-62
The Art of Software Security AssessmentMark Dowd, John McDonald, Justin Schuh.
Soumission
| Nom | Organisation | Date | Date de publication | Version |
|---|---|---|---|---|
| PLOVER | Draft 3 |
Modifications
| Nom | Organisation | Date | Commentaire |
|---|---|---|---|
| Eric Dalci | Cigital | updated Potential_Mitigations, Time_of_Introduction | |
| CWE Content Team | MITRE | updated Relationships, Other_Notes, Taxonomy_Mappings | |
| CWE Content Team | MITRE | updated Other_Notes, Relationship_Notes, Research_Gaps | |
| CWE Content Team | MITRE | updated Common_Consequences | |
| CWE Content Team | MITRE | updated References, Relationships | |
| CWE Content Team | MITRE | updated Potential_Mitigations | |
| CWE Content Team | MITRE | updated Relationships, Taxonomy_Mappings | |
| CWE Content Team | MITRE | updated Applicable_Platforms, Relationships | |
| CWE Content Team | MITRE | updated Relationships | |
| CWE Content Team | MITRE | updated Description | |
| CWE Content Team | MITRE | updated Relationships | |
| CWE Content Team | MITRE | updated Mapping_Notes |
