{"vuid":"VU#206468","idnumber":"206468","name":"Microsoft Windows XP creates tasks with elevated privileges","keywords":["Microsoft","Windows XP create task","elevated privileges","Q835732","MS04-011"],"overview":"Microsoft Windows XP contains a vulnerability in the way that tasks are created that may permit an authenticated user to launch applications with elevated privileges.","clean_desc":"Microsoft Windows creates tasks when a user launches an application. A vulnerability in the way that Windows XP creates the tasks may permit an authenticated user to launch applications with \"SYSTEM\" privileges.","impact":"An authenticated user can exploit this vulnerability to launch applications with \"SYSTEM\" privileges.","resolution":"Apply a patch from the vendor Microsoft Security Bulletin MS04-011 contains patch information to resolve this issue.","workarounds":"","sysaffected":"","thanks":"Thanks to Erik Kamphuis for reporting this vulnerability.","author":"This document was written by Jason A Rafail.","public":["h","t","t","p",":","/","/","w","w","w",".","m","i","c","r","o","s","o","f","t",".","c","o","m","/","t","e","c","h","n","e","t","/","s","e","c","u","r","i","t","y","/","b","u","l","l","e","t","i","n","/","m","s","0","4","-","0","1","1",".","m","s","p","x"],"cveids":["CAN-2003-0909"],"certadvisory":"","uscerttechnicalalert":null,"datecreated":"2020-05-21T16:11:50.251953Z","publicdate":"2004-04-13T00:00:00Z","datefirstpublished":"2004-04-14T14:07:01Z","dateupdated":"2004-09-13T14:30:00Z","revision":8,"vrda_d1_directreport":null,"vrda_d1_population":null,"vrda_d1_impact":null,"cam_widelyknown":null,"cam_exploitation":null,"cam_internetinfrastructure":null,"cam_population":null,"cam_impact":null,"cam_easeofexploitation":null,"cam_attackeraccessrequired":null,"cam_scorecurrent":null,"cam_scorecurrentwidelyknown":null,"cam_scorecurrentwidelyknownexploited":null,"ipprotocol":null,"cvss_accessvector":null,"cvss_accesscomplexity":null,"cvss_authentication":null,"cvss_confidentialityimpact":null,"cvss_integrityimpact":null,"cvss_availabilityimpact":null,"cvss_exploitablity":null,"cvss_remediationlevel":null,"cvss_reportconfidence":null,"cvss_collateraldamagepotential":null,"cvss_targetdistribution":null,"cvss_securityrequirementscr":null,"cvss_securityrequirementsir":null,"cvss_securityrequirementsar":null,"cvss_basescore":"N/A","cvss_basevector":"N/A","cvss_temporalscore":"N/A","cvss_environmentalscore":"N/A","cvss_environmentalvector":"N/A","metric":18.5625,"vulnote":null}