CVE-2003-0910
First published: Fri Apr 16 2004(Updated: )
The NtSetLdtEntries function in the programming interface for the Local Descriptor Table (LDT) in Windows NT 4.0 and Windows 2000 allows local attackers to gain access to kernel memory and execute arbitrary code via an expand-down data segment descriptor descriptor that points to protected memory.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Microsoft Windows NT | =4.0 | |
| Microsoft Windows 2000 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.eeye.com/html/Research/Advisories/AD20040413D.html
- http://www.us-cert.gov/cas/techalerts/TA04-104A.html
- http://www.kb.cert.org/vuls/id/122076
- http://lists.grok.org.uk/pipermail/full-disclosure/2004-April/020068.html
- http://www.ciac.org/ciac/bulletins/o-114.shtml
- http://www.securityfocus.com/bid/10122
- https://exchange.xforce.ibmcloud.com/vulnerabilities/15707
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A911
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A890
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-011
Frequently Asked Questions
What is the severity of CVE-2003-0910?
CVE-2003-0910 has a high severity due to the potential for local attackers to execute arbitrary code in kernel memory.
How do I fix CVE-2003-0910?
To fix CVE-2003-0910, it is recommended to apply the latest security patches provided by Microsoft for Windows NT 4.0 and Windows 2000.
Who is affected by CVE-2003-0910?
CVE-2003-0910 affects users running Windows NT 4.0 and Windows 2000.
What type of attack does CVE-2003-0910 enable?
CVE-2003-0910 enables local attackers to gain unauthorized access to kernel memory.
When was CVE-2003-0910 disclosed?
CVE-2003-0910 was disclosed in 2003.
- agent/references
- agent/type
- agent/softwarecombine
- agent/remedy
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/last-modified-date
- agent/author
- agent/weakness
- agent/first-publish-date
- agent/event
- agent/description
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/nvd-historical
- vendor/microsoft
- canonical/microsoft windows 2000
- canonical/microsoft windows nt
- version/microsoft windows nt/4.0