Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

CVE-2014-4971

🗓️ 26 Jul 2014 15:00:00Reported by mitreType 
cve
 cve🔗 web.nvd.nist.gov👁 68 Views🌐 WEB

Microsoft Windows XP SP3 does not validate addresses in certain IRP handler routines, allowing local users to write data to arbitrary memory locations

Related
Detection
Refs
Paths
ReporterTitlePublishedViews
Family
0day.today		Microsoft XP SP3 BthPan.sys - Arbitrary Write Privilege Escalation
22 Jul 201400:00
zdt
0day.today		Microsoft XP SP3 MQAC.sys - Arbitrary Write Privilege Escalation Exploit
22 Jul 201400:00
zdt
0day.today		MQAC.sys Arbitrary Write Privilege Escalation Exploit
25 Jul 201400:00
zdt
0day.today		Microsoft Bluetooth Personal Area Networking (BthPan.sys) Privilege Escalation
16 Oct 201400:00
zdt
Circl		CVE-2014-4971
25 Jul 201400:00
circl
Cvelist		CVE-2014-4971
26 Jul 201415:00
cvelist
Exploit DB		Microsoft Windows XP SP3 - 'MQAC.sys' Arbitrary Write Privilege Escalation
19 Jul 201400:00
exploitdb
Exploit DB		Microsoft Windows XP SP3 - 'BthPan.sys' Arbitrary Write Privilege Escalation
21 Jul 201400:00
exploitdb
Exploit DB		Microsoft Windows XP SP3 - 'MQAC.sys' Arbitrary Write Privilege Escalation (Metasploit)
25 Jul 201400:00
exploitdb
Exploit DB		Microsoft Bluetooth Personal Area Networking - 'BthPan.sys' Local Privilege Escalation (Metasploit)
15 Oct 201400:00
exploitdb
Rows per page
NVD
Node
microsoftwindows_xpsp3
ParameterPositionPathDescriptionCWE
0x0012d814path\\.\\bthpanPrivilege escalation via IOCTL handling in BthPan.sys with HalDispatchTable corruption on Windows XP SP3.CWE-20
0x1path\\.\\bthpanPrivilege escalation via IOCTL handling in BthPan.sys with HalDispatchTable corruption on Windows XP SP3.CWE-20
0x258path\\.\\bthpanPrivilege escalation via IOCTL handling in BthPan.sys with HalDispatchTable corruption on Windows XP SP3.CWE-20

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
06 May 2026 22:30Current
6.2Medium risk
Vulners AI Score6.2
CVSS 27.2
EPSS0.23441
CWE-20
microsoftwindows xpsp3irphandler routineslocal usersmemory locationsprivilegesioctlmqac.sysmq access control subsystembthpan.sysbluetooth personal area networking subsystemsecurity vulnerabilitynvdcve-2014-4971
68