CVE-2003-0910
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
AI Score
Confidence
High
EPSS
Percentile
26.0%
The NtSetLdtEntries function in the programming interface for the Local Descriptor Table (LDT) in Windows NT 4.0 and Windows 2000 allows local attackers to gain access to kernel memory and execute arbitrary code via an expand-down data segment descriptor descriptor that points to protected memory.
Affected configurations
References
lists.grok.org.uk/pipermail/full-disclosure/2004-April/020068.html
www.ciac.org/ciac/bulletins/o-114.shtml
www.eeye.com/html/Research/Advisories/AD20040413D.html
www.kb.cert.org/vuls/id/122076
www.securityfocus.com/bid/10122
www.us-cert.gov/cas/techalerts/TA04-104A.html
docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-011
exchange.xforce.ibmcloud.com/vulnerabilities/15707
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A890
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A911
Related
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
AI Score
Confidence
High
EPSS
Percentile
26.0%