CVE-2004-0118

5 documents5 sources

Severity

7.2HIGH

EPSS

12.6%

top 6.05%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Microsoft Windows NT

Timeline

PublishedJun 1

Latest updateApr 29

Description

The component for the Virtual DOS Machine (VDM) subsystem in Windows NT 4.0 and Windows 2000 does not properly validate system structures, which allows local users to access protected kernel memory and execute arbitrary code.

CVSS vector

AV:L/AC:L/C:C/I:C/A:CExploitability: 3.9 | Impact: 10.0

Affected Packages1 packages

▶NVDmicrosoft/windows_nt4.0

Patches

Patch: www.eeye.com ↗Patch: www.kb.cert.org ↗Patch: www.eeye.com ↗

🔴Vulnerability Details

GHSA

GHSA-p2pv-p9gr-65xh: The component for the Virtual DOS Machine (VDM) subsystem in Windows NT 4↗2022-04-29

▶

CVEList

CVE-2004-0118: The component for the Virtual DOS Machine (VDM) subsystem in Windows NT 4↗2004-04-16

▶

💥Exploits & PoCs

Exploit-DB

Microsoft Office 2000/2003/2004/XP - File Memory Corruption↗2008-03-07

▶

💬Community

Bugzilla

CVE-2004-1808 metamail symlink attack↗2005-05-13

▶