CVE-2002-1230

NetDDE Agent - RCE

Title source: llm
STIX 2.1

Description

NetDDE Agent on Windows NT 4.0, 4.0 Terminal Server Edition, Windows 2000, and Windows XP allows local users to execute arbitrary code as LocalSystem via "shatter" style attack by sending a WM_COPYDATA message followed by a WM_TIMER message, as demonstrated by GetAd, aka "Flaw in Windows WM_TIMER Message Handling Could Enable Privilege Elevation."

Exploits (10)

exploitdb WORKING POC VERIFIED
by Serus · clocalwindows
https://www.exploit-db.com/exploits/21923
exploitdb WORKING POC VERIFIED
by Serus · clocalwindows
https://www.exploit-db.com/exploits/21922
exploitdb WRITEUP VERIFIED
by anonymous · textlocalwindows
https://www.exploit-db.com/exploits/21691
exploitdb WRITEUP VERIFIED
by Ovidio Mallo · textlocalwindows
https://www.exploit-db.com/exploits/21690
exploitdb WORKING POC VERIFIED
by Brett Moore · clocalwindows
https://www.exploit-db.com/exploits/21689
exploitdb WORKING POC VERIFIED
by Oliver Lavery · clocalwindows
https://www.exploit-db.com/exploits/21688
exploitdb WORKING POC VERIFIED
by Brett Moore · clocalwindows
https://www.exploit-db.com/exploits/21687
exploitdb WORKING POC VERIFIED
by Brett Moore · clocalwindows
https://www.exploit-db.com/exploits/21686
exploitdb WORKING POC VERIFIED
by Oliver Lavery · clocalwindows
https://www.exploit-db.com/exploits/21685
exploitdb WORKING POC VERIFIED
by sectroyer · clocalwindows
https://www.exploit-db.com/exploits/21684

References (7)

Scores

EPSS 0.0079
EPSS Percentile 73.9%

Details

Status published
Products (2)
microsoft/windows_2000 (4 CPE variants)
microsoft/windows_2000_terminal_services (4 CPE variants)
Published Nov 04, 2002
Tracked Since Feb 18, 2026