PT-2004-1929 · Microsoft · Windows Server 2003+4

Published

2004-12-15

Updated

2019-04-30

CVE-2004-0893

CVSS v2.0

7.2

High

Vector

AV:L/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions: Windows Kernel versions for Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003

Description: The issue is related to the Local Procedure Call (LPC) interface of the Windows Kernel, which does not properly validate the lengths of messages sent to the LPC port. This allows local users to gain privileges.

Recommendations: For Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2004-0893

Affected Products

Windows 2000

Windows Kernel

Windows Nt 4.0

Windows Server 2003

Windows Xp

PT-2004-1929 · Microsoft · Windows Server 2003+4

CVE-2004-0893

Related Identifiers

Affected Products

References · 11