Lucene search

[email protected]CVE-2004-0118

HistoryJun 01, 2004 - 4:00 a.m.

CVE-2004-0118

2004-06-0104:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

vdm

windows

nt 4.0

windows 2000

cve-2004-0118

memory validation

arbitrary code

nvd

security vulnerability

6.9 Medium

AI Score

Confidence

Low

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.028 Low

EPSS

Percentile

90.5%

JSON

The component for the Virtual DOS Machine (VDM) subsystem in Windows NT 4.0 and Windows 2000 does not properly validate system structures, which allows local users to access protected kernel memory and execute arbitrary code.

CPENameOperatorVersion
microsoft:windows_ntmicrosoft windows nteq4.0
microsoft:windows_2000microsoft windows 2000eq*

CPE	Name	Operator	Version
microsoft:windows_nt	microsoft windows nt	eq	4.0
microsoft:windows_2000	microsoft windows 2000	eq	*

References

lists.grok.org.uk/pipermail/full-disclosure/2004-April/020070.html

www.ciac.org/ciac/bulletins/o-114.shtml

www.eeye.com/html/Research/Advisories/AD20040413E.html

www.kb.cert.org/vuls/id/783748

www.securityfocus.com/bid/10117

www.us-cert.gov/cas/techalerts/TA04-104A.html

docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-011

exchange.xforce.ibmcloud.com/vulnerabilities/15714

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1512

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1718

6.9 Medium

AI Score

Confidence

Low

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.028 Low

EPSS

Percentile

90.5%

JSON

Related for CVE-2004-0118

cert1 nessus1 securityvulns2 openvas1