ID |
CVE-2004-0208
|
Summary |
The Virtual DOS Machine (VDM) subsystem of Microsoft Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 allows local users to access kernel memory and gain privileges via a malicious program that modified some system structures in a way that is not properly validated by privileged operating system functions. |
References |
|
Vulnerable Configurations |
-
cpe:2.3:o:microsoft:windows_2000:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_2000:*:*:*:*:*:*:*:*
-
cpe:2.3:o:microsoft:windows_2003_server:r2:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_2003_server:r2:*:*:*:*:*:*:*
-
cpe:2.3:o:microsoft:windows_nt:4.0:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_nt:4.0:*:*:*:*:*:*:*
-
cpe:2.3:o:microsoft:windows_xp:*:gold:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_xp:*:gold:*:*:*:*:*:*
|
CVSS |
Base: | 7.2 (as of 12-10-2018 - 21:34) |
Impact: | |
Exploitability: | |
|
CWE |
NVD-CWE-Other |
CAPEC |
|
Access |
Vector | Complexity | Authentication |
LOCAL |
LOW |
NONE |
|
Impact |
Confidentiality | Integrity | Availability |
COMPLETE |
COMPLETE |
COMPLETE |
|
cvss-vector
via4
|
AV:L/AC:L/Au:N/C:C/I:C/A:C
|
oval
via4
|
accepted | 2004-11-17T10:00:00.000-04:00 | class | vulnerability | contributors | name | Ingrid Skoog | organization | The MITRE Corporation |
name | Ingrid Skoog | organization | The MITRE Corporation |
| description | The Virtual DOS Machine (VDM) subsystem of Microsoft Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 allows local users to access kernel memory and gain privileges via a malicious program that modified some system structures in a way that is not properly validated by privileged operating system functions. | family | windows | id | oval:org.mitre.oval:def:1751 | status | accepted | submitted | 2004-10-13T11:27:00.000-04:00 | title | Windows XP/Server 2003 (64-Bit) VDM Privilege Escalation Vulnerability | version | 65 |
accepted | 2004-12-09T08:46:00.000-04:00 | class | vulnerability | contributors | name | Ingrid Skoog | organization | The MITRE Corporation |
| description | The Virtual DOS Machine (VDM) subsystem of Microsoft Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 allows local users to access kernel memory and gain privileges via a malicious program that modified some system structures in a way that is not properly validated by privileged operating system functions. | family | windows | id | oval:org.mitre.oval:def:3161 | status | accepted | submitted | 2004-10-14T09:58:00.000-04:00 | title | Windows XP VDM Privilege Escalation Vulnerability | version | 64 |
accepted | 2008-03-24T04:00:31.396-04:00 | class | vulnerability | contributors | name | Ingrid Skoog | organization | The MITRE Corporation |
name | John Hoyland | organization | Centennial Software |
name | Jonathan Baker | organization | The MITRE Corporation |
| definition_extensions | comment | Microsoft Windows NT is installed | oval | oval:org.mitre.oval:def:36 |
| description | The Virtual DOS Machine (VDM) subsystem of Microsoft Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 allows local users to access kernel memory and gain privileges via a malicious program that modified some system structures in a way that is not properly validated by privileged operating system functions. | family | windows | id | oval:org.mitre.oval:def:3953 | status | accepted | submitted | 2004-10-13T12:05:00.000-04:00 | title | Windows NT VDM Privilege Escalation Vulnerability | version | 76 |
accepted | 2004-11-17T10:00:00.000-04:00 | class | vulnerability | contributors | name | Ingrid Skoog | organization | The MITRE Corporation |
| description | The Virtual DOS Machine (VDM) subsystem of Microsoft Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 allows local users to access kernel memory and gain privileges via a malicious program that modified some system structures in a way that is not properly validated by privileged operating system functions. | family | windows | id | oval:org.mitre.oval:def:4316 | status | accepted | submitted | 2004-10-13T11:08:00.000-04:00 | title | Windows 2000 VDM Privilege Escalation Vulnerability | version | 64 |
accepted | 2004-11-17T10:00:00.000-04:00 | class | vulnerability | contributors | name | Ingrid Skoog | organization | The MITRE Corporation |
| description | The Virtual DOS Machine (VDM) subsystem of Microsoft Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 allows local users to access kernel memory and gain privileges via a malicious program that modified some system structures in a way that is not properly validated by privileged operating system functions. | family | windows | id | oval:org.mitre.oval:def:4762 | status | accepted | submitted | 2004-10-13T12:02:00.000-04:00 | title | Windows NT Terminal Server VDM Privilege Escalation Vulnerability | version | 65 |
|
refmap
via4
|
bugtraq | 20041013 EEYE: Windows VDM #UD Local Privilege Escalation | cert-vn | VU#910998 | xf | - win-ms04032-patch(17658)
- win-vdm-gain-privilege(16580)
|
|
Last major update |
12-10-2018 - 21:34 |
Published |
03-11-2004 - 05:00 |
Last modified |
12-10-2018 - 21:34 |