| Vulnerability Name: | CVE-2004-0208 (CCN-16580) | ||||||||||||||||||||||||
| Assigned: | 2004-10-12 | ||||||||||||||||||||||||
| Published: | 2004-10-12 | ||||||||||||||||||||||||
| Updated: | 2018-10-12 | ||||||||||||||||||||||||
| Summary: | The Virtual DOS Machine (VDM) subsystem of Microsoft Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 allows local users to access kernel memory and gain privileges via a malicious program that modified some system structures in a way that is not properly validated by privileged operating system functions. | ||||||||||||||||||||||||
| CVSS v3 Severity: | 9.3 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
| ||||||||||||||||||||||||
| CVSS v2 Severity: | 7.2 High (CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C)
| ||||||||||||||||||||||||
| Vulnerability Type: | CWE-Other | ||||||||||||||||||||||||
| Vulnerability Consequences: | Gain Privileges | ||||||||||||||||||||||||
| References: | Source: CCN Type: BugTraq Mailing List, Tue Oct 12 2004 - 23:45:50 CDT EEYE: Windows VDM #UD Local Privilege Escalation Source: MITRE Type: CNA CVE-2004-0208 Source: BUGTRAQ Type: UNKNOWN 20041013 EEYE: Windows VDM #UD Local Privilege Escalation Source: CCN Type: CIAC Information Bulletin P-008 Microsoft Security Update for Microsoft Windows (840987) Source: CCN Type: US-CERT VU#910998 Microsoft Windows kernel fails to properly handle invalid opcodes used in DOS emulation Source: CERT-VN Type: Patch, Third Party Advisory, US Government Resource VU#910998 Source: CCN Type: Microsoft Security Bulletin MS04-032 Security Update for Microsoft Windows (840987) Source: CCN Type: Microsoft Security Bulletin MS05-018 Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege and Denial of Service (890859) Source: CCN Type: BID-11369 Microsoft Windows Kernel Virtual DOS Machine Privilege Escalation Vulnerability Source: MS Type: UNKNOWN MS04-032 Source: XF Type: UNKNOWN win-vdm-gain-privilege(16580) Source: XF Type: UNKNOWN win-vdm-gain-privilege(16580) Source: XF Type: UNKNOWN win-ms04032-patch(17658) Source: OVAL Type: UNKNOWN oval:org.mitre.oval:def:1751 Source: OVAL Type: UNKNOWN oval:org.mitre.oval:def:3161 Source: OVAL Type: UNKNOWN oval:org.mitre.oval:def:3953 Source: OVAL Type: UNKNOWN oval:org.mitre.oval:def:4316 Source: OVAL Type: UNKNOWN oval:org.mitre.oval:def:4762 | ||||||||||||||||||||||||
| Vulnerable Configuration: | Configuration 1: Configuration CCN 1:  Denotes that component is vulnerable | ||||||||||||||||||||||||
| Oval Definitions | |||||||||||||||||||||||||
| |||||||||||||||||||||||||
| BACK | |||||||||||||||||||||||||