VDB
CVE-2004-0208
CVE-2004-0208
PUBLISHED
CVSS 7.199999809265137 HIGH
The Virtual DOS Machine (VDM) subsystem of Microsoft Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 allows local users to access kernel memory and gain privileges via a malicious program that modified some system structures in a way that is not properly validated by privileged operating system functions.
EPSS 2.77% · 86.3th percentile
Risk Scores
CVSS 2.0
7.199999809265137
EPSS Score
2.77%
86.3th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| microsoft | windows_nt | 4.0 |
| microsoft | windows_2003_server | r2 |
| microsoft | windows_2000 | |
| n/a | n/a | n/a |
| microsoft | windows_xp |
Timeline
- Oct 16, 2004 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- Jul 12, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Feb 9, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 3, 2023 EPSS Score
- May 25, 2023 EPSS Score
- Sep 8, 2023 EPSS Score
- Oct 30, 2023 EPSS Score
References
- win-vdm-gain-privilege(16580) vdb
- oval:org.mitre.oval:def:3953 vdb
- oval:org.mitre.oval:def:3161 vdb
- VU#910998 third-party-advisory
- oval:org.mitre.oval:def:1751 vdb
- 20041013 EEYE: Windows VDM #UD Local Privilege Escalation mailing-list
- win-ms04032-patch(17658) vdb
- oval:org.mitre.oval:def:4316 vdb
- oval:org.mitre.oval:def:4762 vdb
- MS04-032 vendor-advisory
- https://nvd.nist.gov/vuln/detail/CVE-2004-0208 advisory