Vulnerability detail
Enriched intelligence for a single CVE
High
CVE-2004-0210
PUBLISHEDThe POSIX component of Microsoft Windows NT and Windows 2000 allows local users to execute arbitrary code via certain parameters, possibly by...
- Vendor
- Microsoft
- Product
- Windows NT, Windows 2000
- Published
- Jul 14, 2004
- EPSS
- —
Description
The POSIX component of Microsoft Windows NT and Windows 2000 allows local users to execute arbitrary code via certain parameters, possibly by modifying message length values and causing a buffer overflow.
CVSS scores
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AV:L/AC:L/Au:N/C:C/I:C/A:C
Exploitation status
Exploited in the wild
Recorded 2022-03-03 00:00:00 UTC · Source
SSVC decision points
- Exploitation
- active
- Automatable
- No
- Technical impact
- total
References
- http://www.us-cert.gov/cas/techalerts/TA04-196A.html
- http://www.kb.cert.org/vuls/id/647436
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2166
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-020
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2847
- https://exchange.xforce.ibmcloud.com/vulnerabilities/16590
Known exploited vulnerability sources
Catalogues that list this CVE as a known exploited vulnerability.
| Source | Added |
|---|---|
| CISA | Mar 03, 2022 |
Timeline
-
CVE ID Reserved
-
CVE Published to Public
-
Added to KEVIntel