Detections
Analytics

CVE-2004-0118

high

Description

The component for the Virtual DOS Machine (VDM) subsystem in Windows NT 4.0 and Windows 2000 does not properly validate system structures, which allows local users to access protected kernel memory and execute arbitrary code.

References

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1718

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1512

https://exchange.xforce.ibmcloud.com/vulnerabilities/15714

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-011

http://www.us-cert.gov/cas/techalerts/TA04-104A.html

http://www.securityfocus.com/bid/10117

http://www.kb.cert.org/vuls/id/783748

http://www.eeye.com/html/Research/Advisories/AD20040413E.html

http://www.ciac.org/ciac/bulletins/o-114.shtml

http://lists.grok.org.uk/pipermail/full-disclosure/2004-April/020070.html

Details

Source: Mitre, NVD

Published: 2004-06-01

Updated: 2018-10-12

Risk Information

CVSS v2

Base Score: 7.2

Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C

Severity: High

CVSS v3

Base Score: 7.8

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Severity: High