CVE-2004-0893
7.2 High
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
6.6 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
15.6%
The Local Procedure Call (LPC) interface of the Windows Kernel for Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 does not properly validate the lengths of messages sent to the LPC port, which allows local users to gain privileges, aka “Windows Kernel Vulnerability.”
Affected configurations
References
docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-044
exchange.xforce.ibmcloud.com/vulnerabilities/18339
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1321
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1561
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1581
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1886
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2008
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4021
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4458
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A450
Related
7.2 High
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
6.6 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
15.6%