Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2003-0910

Overview

Vulnerability Score 7.2 7.2
CVE Id CVE-2003-0910
Last Modified 10 Sep 2008 03:20:55
Published 01 Jun 2004 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2003-0910

Summary

The NtSetLdtEntries function in the programming interface for the Local Descriptor Table (LDT) in Windows NT 4.0 and Windows 2000 allows local attackers to gain access to kernel memory and execute arbitrary code via an expand-down data segment descriptor descriptor that points to protected memory.

Vulnerable Systems

Operating System

  • Microsoft Windows 2000

  • Microsoft Windows Nt 4.0


References

CERT-VN - VU#122076

CERT - TA04-104A

EEYE - AD20040413D

MS - MS04-011

FULLDISC - 20040413 EEYE: Windows Expand-Down Data Segment Local Privilege Escalation

XF - win-ldt-gain-privileges(15707)

BID - 10122

CIAC - O-114


Last Updated: 27 May 2016 10:38:06