CVE-2004-0210
CVE-2004-0210
In short
A vulnerability in Windows NT and Windows 2000's POSIX component allows local users to run arbitrary code by exploiting a buffer overflow through specially crafted parameters that modify message length values.
Technical detail
A buffer overflow vulnerability exists in the POSIX subsystem of Windows NT/2000, exploitable by local attackers via manipulation of message length parameters. The vulnerability requires local access and results in arbitrary code execution with the privileges of the affected process.
Summary generated and translated by AI from the official description.
The POSIX component of Microsoft Windows NT and Windows 2000 allows local users to execute arbitrary code via certain parameters, possibly by modifying message length values and causing a buffer overflow.
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected products
n/a · n/apublic PoCs found — 1
exploitdbwww.exploit-db.com/exploits/24277unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-020https://exchange.xforce.ibmcloud.com/vulnerabilities/16590https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2166https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2847https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2004-0210http://www.kb.cert.org/vuls/id/647436http://www.us-cert.gov/cas/techalerts/TA04-196A.html