6.8 Medium
AI Score
Confidence
Low
7.2 High
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
0.0004 Low
EPSS
Percentile
14.3%
The Local Procedure Call (LPC) interface of the Windows Kernel for Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 does not properly validate the lengths of messages sent to the LPC port, which allows local users to gain privileges, aka “Windows Kernel Vulnerability.”
docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-044
exchange.xforce.ibmcloud.com/vulnerabilities/18339
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1321
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1561
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1581
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1886
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2008
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4021
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4458
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A450