VDB
CVE-2004-0207
CVE-2004-0207
PUBLISHED
CVSS 2.0999999046325684 LOW
"Shatter" style vulnerability in the Window Management application programming interface (API) for Microsoft Windows 98, Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 allows local users to gain privileges by using certain API functions to change properties of privileged programs using the SetWindowLong and SetWIndowLongPtr API functions.
EPSS 3.34% · 87.5th percentile
Risk Scores
CVSS 2.0
2.0999999046325684
EPSS Score
3.34%
87.5th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| microsoft | windows_nt | 4.0 |
| microsoft | windows_2000 | |
| microsoft | windows_98 | |
| microsoft | windows_2003_server | r2 |
| microsoft | windows_xp | |
| n/a | n/a | n/a |
Timeline
- Oct 16, 2004 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- Jul 12, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 9, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- May 25, 2023 EPSS Score
- Jul 17, 2023 EPSS Score
- Sep 8, 2023 EPSS Score
- Dec 22, 2023 EPSS Score
References
- win-mngmt-api-gain-privileges(16579) vdb
- 20041013 SetWindowLong Shatter Attacks mailing-list
- VU#218526 third-party-advisory
- win-ms04032-patch(17658) vdb
- MS04-032 vendor-advisory
- https://nvd.nist.gov/vuln/detail/CVE-2004-0207 advisory