7.2 High
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
0.028 Low
EPSS
Percentile
90.7%
The component for the Virtual DOS Machine (VDM) subsystem in Windows NT 4.0 and Windows 2000 does not properly validate system structures, which allows local users to access protected kernel memory and execute arbitrary code.
CPE | Name | Operator | Version |
---|---|---|---|
microsoft:windows_2000 | microsoft windows 2000 | eq | * |
microsoft:windows_nt | microsoft windows nt | eq | 4.0 |
lists.grok.org.uk/pipermail/full-disclosure/2004-April/020070.html
www.ciac.org/ciac/bulletins/o-114.shtml
www.eeye.com/html/Research/Advisories/AD20040413E.html
www.kb.cert.org/vuls/id/783748
www.securityfocus.com/bid/10117
www.us-cert.gov/cas/techalerts/TA04-104A.html
docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-011
exchange.xforce.ibmcloud.com/vulnerabilities/15714
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1512
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1718