Vulnerability Description
The local and remote desktop login screens in Microsoft Windows XP before SP2 and 2003 allow remote attackers to cause a denial of service (CPU and memory consumption) by repeatedly using the WinKey+"U" key combination, which causes multiple copies of Windows Utility Manager to be loaded more quickly than they can be closed when the copies detect that another instance is running.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Microsoft | Windows 2003 Server | r2 |
| Microsoft | Windows Xp | All versions |
References
- http://archives.neohapsis.com/archives/fulldisclosure/2004-07/1313.htmlExploitVendor Advisory
- http://securitytracker.com/id?1010836
- http://www.osvdb.org/8368ExploitPatchVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/16851
- http://archives.neohapsis.com/archives/fulldisclosure/2004-07/1313.htmlExploitVendor Advisory
- http://securitytracker.com/id?1010836
- http://www.osvdb.org/8368ExploitPatchVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/16851
FAQ
What is CVE-2004-2527?
CVE-2004-2527 is a vulnerability with a CVSS score of 5.4 (MEDIUM). The local and remote desktop login screens in Microsoft Windows XP before SP2 and 2003 allow remote attackers to cause a denial of service (CPU and memory consumption) by repeatedly using the WinKey+"...
How severe is CVE-2004-2527?
CVE-2004-2527 has been rated MEDIUM with a CVSS base score of 5.4/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2004-2527?
Check the references section above for vendor advisories and patch information. Affected products include: Microsoft Windows 2003 Server, Microsoft Windows Xp.