7.5 High
AI Score
Confidence
Low
7.2 High
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
0.001 Low
EPSS
Percentile
24.9%
The NtSetLdtEntries function in the programming interface for the Local Descriptor Table (LDT) in Windows NT 4.0 and Windows 2000 allows local attackers to gain access to kernel memory and execute arbitrary code via an expand-down data segment descriptor descriptor that points to protected memory.
CPE | Name | Operator | Version |
---|---|---|---|
microsoft:windows_nt | microsoft windows nt | eq | 4.0 |
microsoft:windows_2000 | microsoft windows 2000 | eq | * |
lists.grok.org.uk/pipermail/full-disclosure/2004-April/020068.html
www.ciac.org/ciac/bulletins/o-114.shtml
www.eeye.com/html/Research/Advisories/AD20040413D.html
www.kb.cert.org/vuls/id/122076
www.securityfocus.com/bid/10122
www.us-cert.gov/cas/techalerts/TA04-104A.html
docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-011
exchange.xforce.ibmcloud.com/vulnerabilities/15707
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A890
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A911