CVE-2004-0210
KEV
🔴 Łataj teraz
Przepełnienie bufora w komponentach POSIX systemów Windows NT i 2000 umożliwia lokalne wykonanie kodu.
CVSS
7.8
EPSS
6.8%
Exploit
weaponized
Vendor
microsoft
Opis źródłowy (NVD)
The POSIX component of Microsoft Windows NT and Windows 2000 allows local users to execute arbitrary code via certain parameters, possibly by modifying message length values and causing a buffer overflow.
buffer-overflow
Brak patcha
Źródła i daty
| Źródło | Wartość |
|---|---|
| NVD – CVSS | 7.8 |
| CISA KEV (aktywnie wykorzystywane) | Tak |
| FIRST EPSS (prawdopodobieństwo exploita) | 6.8% |
| Opublikowano (NVD) | 2004-08-06 04:00:00 UTC |
| Ostatnia modyfikacja (NVD) | 2026-04-16 14:03:41 UTC |
Referencje
- http://www.kb.cert.org/vuls/id/647436 (cve@mitre.org) [Patch, Third Party Advisory, US Government Resource]
- http://www.us-cert.gov/cas/techalerts/TA04-196A.html (cve@mitre.org) [Broken Link, Patch, Third Party Advisory, US Government Resource]
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-020 (cve@mitre.org) [Patch, Vendor Advisory]
- https://exchange.xforce.ibmcloud.com/vulnerabilities/16590 (cve@mitre.org) [Third Party Advisory, VDB Entry]
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2166 (cve@mitre.org) [Broken Link]
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2847 (cve@mitre.org) [Broken Link]
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2004-0210 (134c704f-9b21-4f2e-91b3-4a467353bcc0) [US Government Resource]