CVE-2004-0893
First published: Wed Dec 15 2004(Updated: )
The Local Procedure Call (LPC) interface of the Windows Kernel for Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 does not properly validate the lengths of messages sent to the LPC port, which allows local users to gain privileges, aka "Windows Kernel Vulnerability."
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Microsoft Windows NT | =4.0-sp5 | |
| Microsoft Windows 2003 Server | =web-sp1_beta_1 | |
| Microsoft Windows XP | =sp1 | |
| Microsoft Windows NT | =4.0-sp3 | |
| Microsoft Windows 2003 Server | =web | |
| Microsoft Windows 2003 Server | =enterprise | |
| Microsoft Windows NT | =4.0-sp6a | |
| Microsoft Windows 2003 Server | =enterprise_64-bit | |
| Microsoft Windows 2003 Server | =enterprise-sp1_beta_1 | |
| Microsoft Windows XP | =gold | |
| Microsoft Windows 2000 | ||
| Microsoft Windows NT | =4.0-sp6 | |
| Microsoft Windows XP | ||
| Microsoft Windows NT | =4.0 | |
| Microsoft Windows NT | =4.0-sp1 | |
| Microsoft Windows NT | =4.0-sp3 | |
| Microsoft Windows 2000 | =sp4 | |
| Microsoft Windows XP | =sp2 | |
| Microsoft Windows 2003 Server | =datacenter_64-bit-sp1_beta_1 | |
| Microsoft Windows XP | ||
| Microsoft Windows NT | =4.0-sp6 | |
| Microsoft Windows NT | =4.0-sp4 | |
| Microsoft Windows XP | =sp1 | |
| Microsoft Windows NT | =4.0-sp5 | |
| Microsoft Windows 2000 | =sp2 | |
| Microsoft Windows 2003 Server | =standard-sp1_beta_1 | |
| Microsoft Windows NT | =4.0-sp6 | |
| Microsoft Windows NT | =4.0 | |
| Microsoft Windows NT | =4.0-sp4 | |
| Microsoft Windows NT | =4.0-sp2 | |
| Microsoft Windows 2003 Server | =r2 | |
| Microsoft Windows NT | =4.0-sp6a | |
| Microsoft Windows NT | =4.0 | |
| Microsoft Windows NT | =4.0-sp4 | |
| Microsoft Windows 2003 Server | =r2-sp1_beta_1 | |
| Microsoft Windows NT | =4.0-sp2 | |
| Microsoft Windows NT | =4.0-sp1 | |
| Microsoft Windows 2000 | =sp1 | |
| Microsoft Windows NT | =4.0-sp4 | |
| Microsoft Windows NT | =4.0-sp6 | |
| Microsoft Windows XP | =sp2 | |
| Microsoft Windows XP | ||
| Microsoft Windows NT | =4.0-sp3 | |
| Microsoft Windows NT | =4.0-sp1 | |
| Microsoft Windows NT | =4.0-sp2 | |
| Microsoft Windows NT | =4.0-sp5 | |
| Microsoft Windows NT | =4.0-sp1 | |
| Microsoft Windows XP | =sp1 | |
| Microsoft Windows 2003 Server | =standard | |
| Microsoft Windows NT | =4.0 | |
| Microsoft Windows NT | =4.0-sp6a | |
| Microsoft Windows NT | =4.0-sp3 | |
| Microsoft Windows 2003 Server | =enterprise_64-bit-sp1_beta_1 | |
| Microsoft Windows 2003 Server | =r2 | |
| Microsoft Windows NT | =4.0-sp5 | |
| Microsoft Windows NT | =4.0-sp2 | |
| Microsoft Windows 2000 | =sp3 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://exchange.xforce.ibmcloud.com/vulnerabilities/18339
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A450
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4458
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4021
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2008
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1886
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1581
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1561
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1321
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-044
- collector/nvd-historical
- vendor/microsoft
- product/windows nt
- canonical/microsoft windows nt
- product/windows 2003 server
- canonical/microsoft windows 2003 server
- product/windows xp
- canonical/microsoft windows xp
- product/windows 2000
- canonical/microsoft windows 2000
- collector/nvd-index
- agent/author
- agent/severity
- agent/references
- agent/weakness
- agent/description
- agent/type
- agent/event
- agent/first-publish-date
- agent/softwarecombine
- agent/last-modified-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- version/microsoft windows nt/4.0-sp5
- version/microsoft windows 2003 server/web-sp1_beta_1
- version/microsoft windows xp/sp1
- version/microsoft windows nt/4.0-sp3
- version/microsoft windows 2003 server/web
- version/microsoft windows 2003 server/enterprise
- version/microsoft windows nt/4.0-sp6a
- version/microsoft windows 2003 server/enterprise_64-bit
- version/microsoft windows 2003 server/enterprise-sp1_beta_1
- version/microsoft windows xp/gold
- version/microsoft windows nt/4.0-sp6
- version/microsoft windows nt/4.0
- version/microsoft windows nt/4.0-sp1
- version/microsoft windows 2000/sp4
- version/microsoft windows xp/sp2
- version/microsoft windows 2003 server/datacenter_64-bit-sp1_beta_1
- version/microsoft windows nt/4.0-sp4
- version/microsoft windows 2000/sp2
- version/microsoft windows 2003 server/standard-sp1_beta_1
- version/microsoft windows nt/4.0-sp2
- version/microsoft windows 2003 server/r2
- version/microsoft windows 2003 server/r2-sp1_beta_1
- version/microsoft windows 2000/sp1
- version/microsoft windows 2003 server/standard
- version/microsoft windows 2003 server/enterprise_64-bit-sp1_beta_1
- version/microsoft windows 2000/sp3