⚠ Actively exploited
Added to CISA KEV on 2022-03-03. Federal agencies required to patch by 2022-03-24. Required action: Apply updates per vendor instructions..

CVE-2004-0210Classic Buffer Overflow in Microsoft Interix

CWE-120Classic Buffer Overflow6 documents6 sources
Severity
7.8HIGHNVD
EPSS
5.1%
top 10.14%
CISA KEV
KEV
Added 2022-03-03
Due 2022-03-24
Exploit
Exploited in wild
Active exploitation observed
Affected products
2
Microsoft InterixMicrosoft Windows NT
Timeline
PublishedAug 6
KEV addedMar 3
KEV dueMar 24
Latest updateApr 29
CISA Required Action: Apply updates per vendor instructions.

Description

The POSIX component of Microsoft Windows NT and Windows 2000 allows local users to execute arbitrary code via certain parameters, possibly by modifying message length values and causing a buffer overflow.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages2 packages

Patches

Patch: www.kb.cert.orgPatch: www.us-cert.govPatch: docs.microsoft.com

🔴Vulnerability Details

3
GHSA
GHSA-867p-9w54-69hp: The POSIX component of Microsoft Windows NT and Windows 2000 allows local users to execute arbitrary code via certain parameters, possibly by modifyin2022-04-29
CVEList
CVE-2004-0210: The POSIX component of Microsoft Windows NT and Windows 2000 allows local users to execute arbitrary code via certain parameters, possibly by modifyin2004-07-14
VulnCheck
Microsoft Windows Privilege Escalation Vulnerability2004

💥Exploits & PoCs

1
Exploit-DB
Microsoft Windows NT 4.0/2000 - POSIX Subsystem Local Buffer Overflow / Local Privilege Escalation (MS04-020)2004-07-16

📋Vendor Advisories

1
CISA
Microsoft Windows Privilege Escalation Vulnerability2022-03-03
CVE-2004-0210 — Classic Buffer Overflow in Microsoft | cvebase