CVE-2001-0015

Network Dynamic Data Exchange (DDE) in Windows 2000 allows local users to gain SYSTEM privileges via a "WM_COPYDATA" message to an invisible window that is running with the privileges of the WINLOGON process.

Published: Mar 12, 2001
Updated: Apr 13, 2023
CVE: CVE-2001-0015
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 7.2
AV:L/AC:L/Au:N/C:C/I:C/A:C

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
microsoft / windows_2000	-	-

http://www.atstake.com/research/advisories/2001/a020501-1.txt
http://www.securityfocus.com/bid/2341
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-007
https://exchange.xforce.ibmcloud.com/vulnerabilities/6062

Vulnerability Database

289,599

CVE-2001-0015