6.9 Medium
AI Score
Confidence
Low
7.2 High
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
0.028 Low
EPSS
Percentile
90.5%
The component for the Virtual DOS Machine (VDM) subsystem in Windows NT 4.0 and Windows 2000 does not properly validate system structures, which allows local users to access protected kernel memory and execute arbitrary code.
CPE | Name | Operator | Version |
---|---|---|---|
microsoft:windows_nt | microsoft windows nt | eq | 4.0 |
microsoft:windows_2000 | microsoft windows 2000 | eq | * |
lists.grok.org.uk/pipermail/full-disclosure/2004-April/020070.html
www.ciac.org/ciac/bulletins/o-114.shtml
www.eeye.com/html/Research/Advisories/AD20040413E.html
www.kb.cert.org/vuls/id/783748
www.securityfocus.com/bid/10117
www.us-cert.gov/cas/techalerts/TA04-104A.html
docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-011
exchange.xforce.ibmcloud.com/vulnerabilities/15714
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1512
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1718