CVE-2004-0893

Description

The Local Procedure Call (LPC) interface of the Windows Kernel for Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 does not properly validate the lengths of messages sent to the LPC port, which allows local users to gain privileges, aka "Windows Kernel Vulnerability."

Related CPE's

Could not find any relations

References

win-kernel-lpc-gain-privileges(18339)

oval:org.mitre.oval:def:450

oval:org.mitre.oval:def:4458

oval:org.mitre.oval:def:4021

oval:org.mitre.oval:def:2008

oval:org.mitre.oval:def:1886

oval:org.mitre.oval:def:1581

oval:org.mitre.oval:def:1561

oval:org.mitre.oval:def:1321

MS04-044

CvssV3 impact

Could not find any metrics

CvssV2 impact

Version

2.0

VectorString

AV:L/AC:L/Au:N/C:C/I:C/A:C

AccessVector

LOCAL

AccessComplexity

LOW

Authentication

NONE

ConfidentialityImpact

COMPLETE

IntegrityImpact

COMPLETE

AvailabilityImpact

COMPLETE

BaseScore

7.199999809265137

Created by Yello
About Severity.io