ID CVE-2003-0910
Summary The NtSetLdtEntries function in the programming interface for the Local Descriptor Table (LDT) in Windows NT 4.0 and Windows 2000 allows local attackers to gain access to kernel memory and execute arbitrary code via an expand-down data segment descriptor descriptor that points to protected memory.
References
Vulnerable Configurations
  • cpe:2.3:o:microsoft:windows_2000:*:*:*:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_2000:*:*:*:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_nt:4.0:*:*:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_nt:4.0:*:*:*:*:*:*:*
CVSS
Base: 7.2 (as of 12-10-2018 - 21:33)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
LOCAL LOW NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
cvss-vector via4 AV:L/AC:L/Au:N/C:C/I:C/A:C
oval via4
  • accepted 2004-05-25T12:00:00.000-04:00
    class vulnerability
    contributors
    name Jonathan Baker
    organization The MITRE Corporation
    description The NtSetLdtEntries function in the programming interface for the Local Descriptor Table (LDT) in Windows NT 4.0 and Windows 2000 allows local attackers to gain access to kernel memory and execute arbitrary code via an expand-down data segment descriptor descriptor that points to protected memory.
    family windows
    id oval:org.mitre.oval:def:890
    status accepted
    submitted 2004-04-13T12:00:00.000-04:00
    title Windows 2000 Local Descriptor Table Kernel Access Vulnerability
    version 63
  • accepted 2008-03-24T04:00:53.973-04:00
    class vulnerability
    contributors
    • name Jonathan Baker
      organization The MITRE Corporation
    • name Jonathan Baker
      organization The MITRE Corporation
    • name Jonathan Baker
      organization The MITRE Corporation
    definition_extensions
    comment Microsoft Windows NT is installed
    oval oval:org.mitre.oval:def:36
    description The NtSetLdtEntries function in the programming interface for the Local Descriptor Table (LDT) in Windows NT 4.0 and Windows 2000 allows local attackers to gain access to kernel memory and execute arbitrary code via an expand-down data segment descriptor descriptor that points to protected memory.
    family windows
    id oval:org.mitre.oval:def:911
    status accepted
    submitted 2004-04-13T12:00:00.000-04:00
    title Windows NT Local Descriptor Table Kernel Access Vulnerability
    version 68
refmap via4
bid 10122
cert TA04-104A
cert-vn VU#122076
ciac O-114
eeye AD20040413D
fulldisc 20040413 EEYE: Windows Expand-Down Data Segment Local Privilege Escalation
ms MS04-011
xf win-ldt-gain-privileges(15707)
Last major update 12-10-2018 - 21:33
Published 01-06-2004 - 04:00
Back to Top