CVE-2004-0893
Last modified
CVE-2004-0893 is a vulnerability of currently unknown severity. The Local Procedure Call (LPC) interface of the Windows Kernel for Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 does not properly validate the lengths of messages sent to the LPC port, which allows local users to gain privileges, aka "Windows Kernel Vulnerability.". EPSS estimates a 1.51% chance of exploitation in the next 30 days.
Description
The Local Procedure Call (LPC) interface of the Windows Kernel for Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 does not properly validate the lengths of messages sent to the LPC port, which allows local users to gain privileges, aka "Windows Kernel Vulnerability."
Metrics
Affected Software
| Vendor | Product | Versions | Update |
|---|---|---|---|
| Microsoft | Windows 2000 | All versions | — |
| Microsoft | Windows 2003 Server | datacenter_64-bit | Sp1 Beta 1 |
| Microsoft | Windows 2003 Server | enterprise | — |
| Microsoft | Windows 2003 Server | enterprise_64-bit | — |
| Microsoft | Windows 2003 Server | r2 | — |
| Microsoft | Windows 2003 Server | standard | — |
| Microsoft | Windows 2003 Server | web | — |
| Microsoft | Windows Nt | 4.0 | — |
| Microsoft | Windows Xp | All versions | — |
References
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2004-0893?
How severe is CVE-2004-0893?
How do I fix CVE-2004-0893?
Are you affected by CVE-2004-0893?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST