| ID |
CVE-2004-0208
|
| Summary |
The Virtual DOS Machine (VDM) subsystem of Microsoft Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 allows local users to access kernel memory and gain privileges via a malicious program that modified some system structures in a way that is not properly validated by privileged operating system functions. |
| References |
|
| Vulnerable Configurations |
-
cpe:2.3:o:microsoft:windows_2000:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_2000:*:*:*:*:*:*:*:*
-
cpe:2.3:o:microsoft:windows_2003_server:r2:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_2003_server:r2:*:*:*:*:*:*:*
-
cpe:2.3:o:microsoft:windows_nt:4.0:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_nt:4.0:*:*:*:*:*:*:*
-
cpe:2.3:o:microsoft:windows_xp:*:gold:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_xp:*:gold:*:*:*:*:*:*
|
| CVSS |
| Base: | 7.2 (as of 12-10-2018 - 21:34) |
| Impact: | |
| Exploitability: | |
|
| CWE |
NVD-CWE-Other |
| CAPEC |
|
| Access |
| Vector | Complexity | Authentication |
| LOCAL |
LOW |
NONE |
|
| Impact |
| Confidentiality | Integrity | Availability |
| COMPLETE |
COMPLETE |
COMPLETE |
|
| cvss-vector
via4
|
AV:L/AC:L/Au:N/C:C/I:C/A:C
|
| oval
via4
|
| accepted | 2004-11-17T10:00:00.000-04:00 | | class | vulnerability | | contributors | | name | Ingrid Skoog | | organization | The MITRE Corporation |
| name | Ingrid Skoog | | organization | The MITRE Corporation |
| | description | The Virtual DOS Machine (VDM) subsystem of Microsoft Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 allows local users to access kernel memory and gain privileges via a malicious program that modified some system structures in a way that is not properly validated by privileged operating system functions. | | family | windows | | id | oval:org.mitre.oval:def:1751 | | status | accepted | | submitted | 2004-10-13T11:27:00.000-04:00 | | title | Windows XP/Server 2003 (64-Bit) VDM Privilege Escalation Vulnerability | | version | 65 |
| accepted | 2004-12-09T08:46:00.000-04:00 | | class | vulnerability | | contributors | | name | Ingrid Skoog | | organization | The MITRE Corporation |
| | description | The Virtual DOS Machine (VDM) subsystem of Microsoft Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 allows local users to access kernel memory and gain privileges via a malicious program that modified some system structures in a way that is not properly validated by privileged operating system functions. | | family | windows | | id | oval:org.mitre.oval:def:3161 | | status | accepted | | submitted | 2004-10-14T09:58:00.000-04:00 | | title | Windows XP VDM Privilege Escalation Vulnerability | | version | 64 |
| accepted | 2008-03-24T04:00:31.396-04:00 | | class | vulnerability | | contributors | | name | Ingrid Skoog | | organization | The MITRE Corporation |
| name | John Hoyland | | organization | Centennial Software |
| name | Jonathan Baker | | organization | The MITRE Corporation |
| | definition_extensions | | comment | Microsoft Windows NT is installed | | oval | oval:org.mitre.oval:def:36 |
| | description | The Virtual DOS Machine (VDM) subsystem of Microsoft Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 allows local users to access kernel memory and gain privileges via a malicious program that modified some system structures in a way that is not properly validated by privileged operating system functions. | | family | windows | | id | oval:org.mitre.oval:def:3953 | | status | accepted | | submitted | 2004-10-13T12:05:00.000-04:00 | | title | Windows NT VDM Privilege Escalation Vulnerability | | version | 76 |
| accepted | 2004-11-17T10:00:00.000-04:00 | | class | vulnerability | | contributors | | name | Ingrid Skoog | | organization | The MITRE Corporation |
| | description | The Virtual DOS Machine (VDM) subsystem of Microsoft Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 allows local users to access kernel memory and gain privileges via a malicious program that modified some system structures in a way that is not properly validated by privileged operating system functions. | | family | windows | | id | oval:org.mitre.oval:def:4316 | | status | accepted | | submitted | 2004-10-13T11:08:00.000-04:00 | | title | Windows 2000 VDM Privilege Escalation Vulnerability | | version | 64 |
| accepted | 2004-11-17T10:00:00.000-04:00 | | class | vulnerability | | contributors | | name | Ingrid Skoog | | organization | The MITRE Corporation |
| | description | The Virtual DOS Machine (VDM) subsystem of Microsoft Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 allows local users to access kernel memory and gain privileges via a malicious program that modified some system structures in a way that is not properly validated by privileged operating system functions. | | family | windows | | id | oval:org.mitre.oval:def:4762 | | status | accepted | | submitted | 2004-10-13T12:02:00.000-04:00 | | title | Windows NT Terminal Server VDM Privilege Escalation Vulnerability | | version | 65 |
|
| refmap
via4
|
| bugtraq | 20041013 EEYE: Windows VDM #UD Local Privilege Escalation | | cert-vn | VU#910998 | | xf | - win-ms04032-patch(17658)
- win-vdm-gain-privilege(16580)
|
|
| Last major update |
12-10-2018 - 21:34 |
| Published |
03-11-2004 - 05:00 |
| Last modified |
12-10-2018 - 21:34 |
