Network DDE (Dynamic Data Exchange) allows processes to exchange information across a network via a trusted share. An IPC window (the Network DDE Agent) enables communication between processes. Using a window message such as WM_COPYDATA, it is possible to send a message through the Network DDE Agent to a trusted share with a process associated with that share. Because the Network DDE Agent runs in the LOCAL SYSTEM context, a local user can specify arbitrary code to be run with SYSTEM privileges.