| Vulnerability Name: | CVE-2004-0124 (CCN-15711) | ||||||||||||||||||||
| Assigned: | 2004-04-13 | ||||||||||||||||||||
| Published: | 2004-04-13 | ||||||||||||||||||||
| Updated: | 2018-10-12 | ||||||||||||||||||||
| Summary: | The DCOM RPC interface for Microsoft Windows NT 4.0, 2000, XP, and Server 2003 allows remote attackers to cause network communications via an "alter context" call that contains additional data, aka the "Object Identity Vulnerability." | ||||||||||||||||||||
| CVSS v3 Severity: | 3.7 Low (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N)
| ||||||||||||||||||||
| CVSS v2 Severity: | 2.6 Low (CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:N/A:N)
| ||||||||||||||||||||
| Vulnerability Type: | CWE-Other | ||||||||||||||||||||
| Vulnerability Consequences: | Bypass Security | ||||||||||||||||||||
| References: | Source: MITRE Type: CNA CVE-2004-0124 Source: CCN Type: SA11065 Microsoft Windows RPC/DCOM Multiple Vulnerabilities Source: SECUNIA Type: UNKNOWN 11065 Source: CCN Type: CIAC Information Bulletin O-115 Microsoft Cumulative Update for RPC/DCOM Source: CIAC Type: UNKNOWN O-115 Source: CCN Type: US-CERT VU#212892 Microsoft Windows creates COM object identifiers incorrectly Source: CERT-VN Type: Patch, Third Party Advisory, US Government Resource VU#212892 Source: CCN Type: Microsoft Security Bulletin MS04-012 Cumulative Update for Microsoft RPC/DCOM (828741) Source: CCN Type: Microsoft Security Bulletin MS04-029 Vulnerability in RPC Runtime Library Could Allow Information Disclosure and Denial of Service (873350) Source: CCN Type: Microsoft Security Bulletin MS05-051 Vulnerabilities in MSDTC and COM+ Could Allow Remote Code Execution (902400) Source: CCN Type: Microsoft Security Bulletin MS06-018 Vulnerability in Microsoft Distributed Transaction Coordinator Could Allow Denial of Service (913580) Source: BID Type: UNKNOWN 10121 Source: CCN Type: BID-10121 Microsoft Windows Object Identity Network Communication Vulnerability Source: CERT Type: Third Party Advisory, US Government Resource TA04-104A Source: CCN Type: Internet Security Systems Security Alert, April 13, 2004 Multiple Vulnerabilities in Microsoft Products Source: MS Type: UNKNOWN MS04-012 Source: XF Type: UNKNOWN win-objectidentifier-open-port(15711) Source: XF Type: UNKNOWN win-objectidentifier-open-port(15711) Source: OVAL Type: UNKNOWN oval:org.mitre.oval:def:1041 Source: OVAL Type: UNKNOWN oval:org.mitre.oval:def:1062 Source: OVAL Type: UNKNOWN oval:org.mitre.oval:def:1066 Source: OVAL Type: UNKNOWN oval:org.mitre.oval:def:1072 | ||||||||||||||||||||
| Vulnerable Configuration: | Configuration 1: Configuration CCN 1:  Denotes that component is vulnerable | ||||||||||||||||||||
| Oval Definitions | |||||||||||||||||||||
| |||||||||||||||||||||
| BACK | |||||||||||||||||||||