7.2

CVE-2004-0893

The Local Procedure Call (LPC) interface of the Windows Kernel for Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 does not properly validate the lengths of messages sent to the LPC port, which allows local users to gain privileges, aka "Windows Kernel Vulnerability."

Data is provided by the National Vulnerability Database (NVD)
MicrosoftWindows 2000 Updatesp1
MicrosoftWindows 2000 Updatesp2
MicrosoftWindows 2000 Updatesp3
MicrosoftWindows 2000 Updatesp4
MicrosoftWindows 2003 Server Versiondatacenter_64-bit Updatesp1_beta_1
MicrosoftWindows 2003 Server Versionenterprise Edition64-bit
MicrosoftWindows 2003 Server Versionenterprise Updatesp1_beta_1
MicrosoftWindows 2003 Server Versionenterprise_64-bit
MicrosoftWindows 2003 Server Versionenterprise_64-bit Updatesp1_beta_1
MicrosoftWindows 2003 Server Versionr2 Edition64-bit
MicrosoftWindows 2003 Server Versionr2 Editiondatacenter_64-bit
MicrosoftWindows 2003 Server Versionr2 Updatesp1_beta_1
MicrosoftWindows 2003 Server Versionstandard Edition64-bit
MicrosoftWindows 2003 Server Versionstandard Updatesp1_beta_1
MicrosoftWindows 2003 Server Versionweb Updatesp1_beta_1
MicrosoftWindows Nt Version4.0 Editionenterprise_server
MicrosoftWindows Nt Version4.0 Editionserver
MicrosoftWindows Nt Version4.0 Editionterminal_server
MicrosoftWindows Nt Version4.0 Editionworkstation
MicrosoftWindows Nt Version4.0 Updatesp1 Editionenterprise_server
MicrosoftWindows Nt Version4.0 Updatesp1 Editionserver
MicrosoftWindows Nt Version4.0 Updatesp1 Editionterminal_server
MicrosoftWindows Nt Version4.0 Updatesp1 Editionworkstation
MicrosoftWindows Nt Version4.0 Updatesp2 Editionenterprise_server
MicrosoftWindows Nt Version4.0 Updatesp2 Editionserver
MicrosoftWindows Nt Version4.0 Updatesp2 Editionterminal_server
MicrosoftWindows Nt Version4.0 Updatesp2 Editionworkstation
MicrosoftWindows Nt Version4.0 Updatesp3 Editionenterprise_server
MicrosoftWindows Nt Version4.0 Updatesp3 Editionserver
MicrosoftWindows Nt Version4.0 Updatesp3 Editionterminal_server
MicrosoftWindows Nt Version4.0 Updatesp3 Editionworkstation
MicrosoftWindows Nt Version4.0 Updatesp4 Editionenterprise_server
MicrosoftWindows Nt Version4.0 Updatesp4 Editionserver
MicrosoftWindows Nt Version4.0 Updatesp4 Editionterminal_server
MicrosoftWindows Nt Version4.0 Updatesp4 Editionworkstation
MicrosoftWindows Nt Version4.0 Updatesp5 Editionenterprise_server
MicrosoftWindows Nt Version4.0 Updatesp5 Editionserver
MicrosoftWindows Nt Version4.0 Updatesp5 Editionterminal_server
MicrosoftWindows Nt Version4.0 Updatesp5 Editionworkstation
MicrosoftWindows Nt Version4.0 Updatesp6 Editionenterprise_server
MicrosoftWindows Nt Version4.0 Updatesp6 Editionserver
MicrosoftWindows Nt Version4.0 Updatesp6 Editionterminal_server
MicrosoftWindows Nt Version4.0 Updatesp6 Editionworkstation
MicrosoftWindows Nt Version4.0 Updatesp6a Editionenterprise_server
MicrosoftWindows Nt Version4.0 Updatesp6a Editionserver
MicrosoftWindows Nt Version4.0 Updatesp6a Editionworkstation
MicrosoftWindows Xp Edition64-bit
MicrosoftWindows Xp Editionhome
MicrosoftWindows Xp Editionmedia_center
MicrosoftWindows Xp Updategold Editionprofessional
MicrosoftWindows Xp Updatesp1 Edition64-bit
MicrosoftWindows Xp Updatesp1 Editionhome
MicrosoftWindows Xp Updatesp1 Editionmedia_center
MicrosoftWindows Xp Updatesp2 Editionhome
MicrosoftWindows Xp Updatesp2 Editionmedia_center
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 0.93% 0.753
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 7.2 3.9 10
AV:L/AC:L/Au:N/C:C/I:C/A:C