Title: Microsoft Windows XP Unauthorized Hotkey Program Execution Vulnerability
Severity: MODERATE
Description:
An issue exists on Windows XP which could allow for unauthorized users to execute arbitrary programs on a locked workstation.
When a Windows XP system is left idle for a certain amount of time, by design, the system locks requiring the user to enter authentication information in order to unlock the workstation.
Reportedly, when a workstation is locked it is possible to initiate programs residing on the system. This is accomplished through the use of Hotkeys, depending on the Hotkey associated with a program, it can be initiated by selecting the appropriate Hotkey combination.
Successful exploitation of this vulnerability will allow an unauthorized user to utilize programs with the permissions of the originally logged in user despite the console being 'locked'.
Affected Products:
- Microsoft Windows XP
- Microsoft Windows XP Home
- Microsoft Windows XP Professional
Juniper Networks provides this content via a wide variety of sources and production methods. If notified of errors or omissions in the content of this page, Juniper Networks, at its discretion, will modify or remove the page or leave the content as is, depending on various factors including but not limited to the reputation and authority of the party providing the notification. Please use the contact information displayed elsewhere on this page to report any errors or omissions regarding the content on this page.
