CVE-2004-2359

Dell TrueMobile 1300 WLAN Mini-PCI Card Util TrayApplet <3.10.39.0 ...

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2004-2359. PoCs published by Ian Vitek.

AI-analyzed exploit summary The exploit describes a privilege escalation vulnerability in Dell TrueMobile 1300 Wireless System Tray Applet due to improper privilege dropping. An attacker can leverage the GUI to spawn arbitrary processes with SYSTEM privileges.

Description

Dell TrueMobile 1300 WLAN Mini-PCI Card Util TrayApplet 3.10.39.0 does not properly drop SYSTEM privileges when started from the systray applet, which allows local users to gain privileges by accessing the Help functionality.

Exploits (1)

exploitdb WRITEUP VERIFIED

by Ian Vitek · textlocalwindows

https://www.exploit-db.com/exploits/23739

View Code ZIP pw:eip

The exploit describes a privilege escalation vulnerability in Dell TrueMobile 1300 Wireless System Tray Applet due to improper privilege dropping. An attacker can leverage the GUI to spawn arbitrary processes with SYSTEM privileges.

Classification

Writeup 90%

Attack Type

Lpe

Complexity

Trivial

Reliability

Reliable

Target: Dell TrueMobile 1300 Wireless System Tray Applet version 3.10.39.0

Auth required

Prerequisites: Local access to the system · Dell TrueMobile 1300 Wireless System Tray Applet installed

MITRE ATT&CK