Detections
Analytics

CVE-2004-1080

critical

Description

The WINS service (wins.exe) on Microsoft Windows NT Server 4.0, Windows 2000 Server, and Windows Server 2003 allows remote attackers to write to arbitrary memory locations and possibly execute arbitrary code via a modified memory pointer in a WINS replication packet to TCP port 42, aka the "Association Context Vulnerability."

References

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4831

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4372

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3677

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2734

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2541

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1549

https://exchange.xforce.ibmcloud.com/vulnerabilities/18259

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-045

http://xforce.iss.net/xforce/alerts/id/184

http://www.securityfocus.com/bid/11763

http://www.osvdb.org/12378

http://www.kb.cert.org/vuls/id/145134

http://www.immunitysec.com/downloads/instantanea.pdf

http://www.ciac.org/ciac/bulletins/p-054.shtml

http://support.microsoft.com/kb/890710

http://securitytracker.com/id?1012516

http://secunia.com/advisories/13328/

http://marc.info/?l=bugtraq&m=110150370506704&w=2

Details

Source: Mitre, NVD

Published: 2005-01-10

Updated: 2019-04-30

Risk Information

CVSS v2

Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Severity: Critical

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical