source: http://www.securityfocus.com/bid/9714/info It has been reported that a privilege escalation vulnerability exists in the Dell TrueMobile 1300 Wireless System Tray Applet. The issue is due to the software starting with SYSTEM privileges, to enable access to the wireless hardware, and subsequently failing to drop them. This may allow a local attacker to manipulate the GUI of the vulnerable application to spawn arbitrary processes with the privileges of the affected process. Although only version 18.104.22.168 of the utility has been reported vulnerable, it is likely that other versions are prone as well. After launching the affected application, right click in the application window and choose Help -> Help Files and then from the help; Jump to URL C:\WINDOWS\SYSTEM32\CMD.EXE After launching the affected application, right click in the application window and choose Help -> About. By clicking on a link, Internet Explorer will start with SYSTEM privileges.
Related ExploitsTrying to match CVEs (1): CVE-2004-2359
Trying to match OSVDBs (1): 4024
Other Possible E-DB Search Terms: Dell TrueMobile 1300 WLAN System 22.214.171.124 Tray Applet, Dell TrueMobile
|2005-12-07||Dell TrueMobile 2300 - Remote Credential Reset||TNull|