Vulnerability Description
The Virtual DOS Machine (VDM) subsystem of Microsoft Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 allows local users to access kernel memory and gain privileges via a malicious program that modified some system structures in a way that is not properly validated by privileged operating system functions.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Microsoft | Windows 2000 | All versions |
| Microsoft | Windows 2003 Server | r2 |
| Microsoft | Windows Nt | 4.0 |
| Microsoft | Windows Xp | All versions |
References
- http://marc.info/?l=bugtraq&m=109772135404427&w=2
- http://www.kb.cert.org/vuls/id/910998PatchThird Party AdvisoryUS Government Resource
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-03
- https://exchange.xforce.ibmcloud.com/vulnerabilities/16580
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17658
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3
- http://marc.info/?l=bugtraq&m=109772135404427&w=2
- http://www.kb.cert.org/vuls/id/910998PatchThird Party AdvisoryUS Government Resource
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-03
- https://exchange.xforce.ibmcloud.com/vulnerabilities/16580
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17658
FAQ
What is CVE-2004-0208?
CVE-2004-0208 is a vulnerability with a CVSS score of 7.2 (HIGH). The Virtual DOS Machine (VDM) subsystem of Microsoft Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 allows local users to access kernel memory and gain privileges via a malicious pr...
How severe is CVE-2004-0208?
CVE-2004-0208 has been rated HIGH with a CVSS base score of 7.2/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2004-0208?
Check the references section above for vendor advisories and patch information. Affected products include: Microsoft Windows 2000, Microsoft Windows 2003 Server, Microsoft Windows Nt, Microsoft Windows Xp.