CVE-2003-0897 — MEDIUM severity vulnerability ("Shatter" vulnerability in CommCtl32.dll in Windows XP may a)
"Shatter" vulnerability in CommCtl32.dll in Windows XP may allow local users to execute arbitrary code by sending (1) BCM_GETTEXTMARGIN or (2) BCM_SETTEXTMARGIN button control messages to privileged applications.
| CVE ID | CVE-2003-0897 |
|---|---|
| Severity | MEDIUM |
| CVSS score | 4.6 |
| CVSS vector | AV:L/AC:L/Au:N/C:P/I:P/A:P |
| CWE | NVD-CWE-Other |
| Status | Modified |
| Published | 2003-11-17 |
| Last modified | 2026-04-16 |
| Description | "Shatter" vulnerability in CommCtl32.dll in Windows XP may allow local users to execute arbitrary code by sending (1) BCM_GETTEXTMARGIN or (2) BCM_SETTEXTMARGIN button control messages to privileged applications. |
| Source | NIST National Vulnerability Database |
🔍 Search all vulnerabilities →
$999/mo
Try CVECheck →