What is the severity of CVE-2004-0893?

CVE-2004-0893 has a critical severity due to its capability to allow local users to gain elevated privileges.

How do I fix CVE-2004-0893?

To fix CVE-2004-0893, it is recommended to apply the relevant security patches provided by Microsoft for affected Windows versions.

What platforms are affected by CVE-2004-0893?

CVE-2004-0893 affects Microsoft Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003.

What types of exploit can CVE-2004-0893 potentially allow?

CVE-2004-0893 can potentially allow local users to execute arbitrary code with elevated privileges.

Is there a workaround for CVE-2004-0893?

There are no specific workarounds for CVE-2004-0893 apart from applying the security patches provided by Microsoft.

Vulnerability/
CVE-2004-0893

high

7.2

CWE

NVD-CWE-Other

15/12/2004

8/8/2024

CVE-2004-0893

First published: Wed Dec 15 2004(Updated: )

The Local Procedure Call (LPC) interface of the Windows Kernel for Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 does not properly validate the lengths of messages sent to the LPC port, which allows local users to gain privileges, aka "Windows Kernel Vulnerability."

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
Microsoft Windows NT	=4.0-sp5
Microsoft Windows 2003 Server	=web-sp1_beta_1
Microsoft Windows XP	=sp1
Microsoft Windows NT	=4.0-sp3
Microsoft Windows 2003 Server	=web
Microsoft Windows 2003 Server	=enterprise
Microsoft Windows NT	=4.0-sp6a
Microsoft Windows 2003 Server	=enterprise_64-bit
Microsoft Windows 2003 Server	=enterprise-sp1_beta_1
Microsoft Windows XP	=gold
Microsoft Windows 2000
Microsoft Windows NT	=4.0-sp6
Microsoft Windows XP
Microsoft Windows NT	=4.0
Microsoft Windows NT	=4.0-sp1
Microsoft Windows NT	=4.0-sp3
Microsoft Windows 2000	=sp4
Microsoft Windows XP	=sp2
Microsoft Windows 2003 Server	=datacenter_64-bit-sp1_beta_1
Microsoft Windows XP
Microsoft Windows NT	=4.0-sp6
Microsoft Windows NT	=4.0-sp4
Microsoft Windows XP	=sp1
Microsoft Windows NT	=4.0-sp5
Microsoft Windows 2000	=sp2
Microsoft Windows 2003 Server	=standard-sp1_beta_1
Microsoft Windows NT	=4.0-sp6
Microsoft Windows NT	=4.0
Microsoft Windows NT	=4.0-sp4
Microsoft Windows NT	=4.0-sp2
Microsoft Windows 2003 Server	=r2
Microsoft Windows NT	=4.0-sp6a
Microsoft Windows NT	=4.0
Microsoft Windows NT	=4.0-sp4
Microsoft Windows 2003 Server	=r2-sp1_beta_1
Microsoft Windows NT	=4.0-sp2
Microsoft Windows NT	=4.0-sp1
Microsoft Windows 2000	=sp1
Microsoft Windows NT	=4.0-sp4
Microsoft Windows NT	=4.0-sp6
Microsoft Windows XP	=sp2
Microsoft Windows XP
Microsoft Windows NT	=4.0-sp3
Microsoft Windows NT	=4.0-sp1
Microsoft Windows NT	=4.0-sp2
Microsoft Windows NT	=4.0-sp5
Microsoft Windows NT	=4.0-sp1
Microsoft Windows XP	=sp1
Microsoft Windows 2003 Server	=standard
Microsoft Windows NT	=4.0
Microsoft Windows NT	=4.0-sp6a
Microsoft Windows NT	=4.0-sp3
Microsoft Windows 2003 Server	=enterprise_64-bit-sp1_beta_1
Microsoft Windows 2003 Server	=r2
Microsoft Windows NT	=4.0-sp5
Microsoft Windows NT	=4.0-sp2
Microsoft Windows 2000	=sp3

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2004-0893?
CVE-2004-0893 has a critical severity due to its capability to allow local users to gain elevated privileges.
How do I fix CVE-2004-0893?
To fix CVE-2004-0893, it is recommended to apply the relevant security patches provided by Microsoft for affected Windows versions.
What platforms are affected by CVE-2004-0893?
CVE-2004-0893 affects Microsoft Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003.
What types of exploit can CVE-2004-0893 potentially allow?
CVE-2004-0893 can potentially allow local users to execute arbitrary code with elevated privileges.
Is there a workaround for CVE-2004-0893?
There are no specific workarounds for CVE-2004-0893 apart from applying the security patches provided by Microsoft.

collector/nvd-historical
vendor/microsoft
product/windows nt
canonical/microsoft windows nt
product/windows 2003 server
canonical/microsoft windows 2003 server
product/windows xp
canonical/microsoft windows xp
product/windows 2000
canonical/microsoft windows 2000
collector/nvd-index
agent/references
agent/type
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/weakness
agent/author
agent/last-modified-date
agent/severity
agent/tags
agent/description
agent/first-publish-date
agent/event
agent/source
version/microsoft windows nt/4.0-sp5
version/microsoft windows 2003 server/web-sp1_beta_1
version/microsoft windows xp/sp1
version/microsoft windows nt/4.0-sp3
version/microsoft windows 2003 server/web
version/microsoft windows 2003 server/enterprise
version/microsoft windows nt/4.0-sp6a
version/microsoft windows 2003 server/enterprise_64-bit
version/microsoft windows 2003 server/enterprise-sp1_beta_1
version/microsoft windows xp/gold
version/microsoft windows nt/4.0-sp6
version/microsoft windows nt/4.0
version/microsoft windows nt/4.0-sp1
version/microsoft windows 2000/sp4
version/microsoft windows xp/sp2
version/microsoft windows 2003 server/datacenter_64-bit-sp1_beta_1
version/microsoft windows nt/4.0-sp4
version/microsoft windows 2000/sp2
version/microsoft windows 2003 server/standard-sp1_beta_1
version/microsoft windows nt/4.0-sp2
version/microsoft windows 2003 server/r2
version/microsoft windows 2003 server/r2-sp1_beta_1
version/microsoft windows 2000/sp1
version/microsoft windows 2003 server/standard
version/microsoft windows 2003 server/enterprise_64-bit-sp1_beta_1
version/microsoft windows 2000/sp3