CVE-2004-0208

3 documents3 sources

Severity

7.2HIGH

EPSS

2.8%

top 13.97%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Microsoft Windows 2003 Server Microsoft Windows NT

Timeline

PublishedNov 3

Latest updateApr 29

Description

The Virtual DOS Machine (VDM) subsystem of Microsoft Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 allows local users to access kernel memory and gain privileges via a malicious program that modified some system structures in a way that is not properly validated by privileged operating system functions.

CVSS vector

AV:L/AC:L/C:C/I:C/A:CExploitability: 3.9 | Impact: 10.0

Affected Packages2 packages

▶NVDmicrosoft/windows_2003_serverr2

▶NVDmicrosoft/windows_nt4.0

Patches

Patch: www.kb.cert.org ↗Patch: www.kb.cert.org ↗

🔴Vulnerability Details

GHSA

GHSA-xxrx-ph32-wwrp: The Virtual DOS Machine (VDM) subsystem of Microsoft Windows NT 4↗2022-04-29

▶

CVEList

CVE-2004-0208: The Virtual DOS Machine (VDM) subsystem of Microsoft Windows NT 4↗2004-10-16

▶