VDB
CVE-2004-1080
CVE-2004-1080
PUBLISHED
KEV
CVSS 10 CRITICAL
The WINS service (wins.exe) on Microsoft Windows NT Server 4.0, Windows 2000 Server, and Windows Server 2003 allows remote attackers to write to arbitrary memory locations and possibly execute arbitrary code via a modified memory pointer in a WINS replication packet to TCP port 42, aka the "Association Context Vulnerability."
EPSS 89.41% · 99.6th percentile
Risk Scores
CVSS 2.0
10
EPSS Score
89.41%
99.6th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| microsoft | windows_nt | 4.0, 4.0, 4.0 |
| microsoft | windows_2003_server | *, 2003, enterprise |
| microsoft | windows_2000 | |
| n/a | n/a | n/a |
Timeline
- Dec 1, 2004 CVE Published
- Sep 20, 2010 PoC Published
- Sep 23, 2010 PoC Published
- May 29, 2018 PoC Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 20, 2022 EPSS Score
- Jul 12, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 9, 2023 EPSS Score
References
- 1012516 vdb
- 890710 vendor-advisory
- VU#145134 third-party-advisory
- oval:org.mitre.oval:def:2541 vdb
- 12378 vdb
- oval:org.mitre.oval:def:1549 vdb
- http://www.immunitysec.com/downloads/instantanea.pdf url
- 13328 third-party-advisory
- wins-memory-pointer-hijack(18259) vdb
- P-054 third-party-advisory
- oval:org.mitre.oval:def:3677 vdb
- oval:org.mitre.oval:def:4831 vdb
- 20041126 Immunity, Inc Advisor mailing-list
- 11763 vdb
- 20041129 Microsoft WINS Server Vulnerability third-party-advisory
- MS04-045 vendor-advisory
- oval:org.mitre.oval:def:4372 vdb
- oval:org.mitre.oval:def:2734 vdb
- https://nvd.nist.gov/vuln/detail/CVE-2004-1080 advisory
- http://secunia.com/advisories/13328 url