Vulnerability Details : CVE-2003-0910
The NtSetLdtEntries function in the programming interface for the Local Descriptor Table (LDT) in Windows NT 4.0 and Windows 2000 allows local attackers to gain access to kernel memory and execute arbitrary code via an expand-down data segment descriptor descriptor that points to protected memory.
Vulnerability category: Execute code
Exploit prediction scoring system (EPSS) score for CVE-2003-0910
Probability of exploitation activity in the next 30 days: 0.06%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 24 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2003-0910
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
7.2
|
HIGH | AV:L/AC:L/Au:N/C:C/I:C/A:C |
3.9
|
10.0
|
NIST |
References for CVE-2003-0910
-
http://www.securityfocus.com/bid/10122
-
http://www.us-cert.gov/cas/techalerts/TA04-104A.html
Page Not Found | CISAThird Party Advisory;US Government Resource
-
http://www.kb.cert.org/vuls/id/122076
Patch;Third Party Advisory;US Government Resource
- http://www.ciac.org/ciac/bulletins/o-114.shtml
-
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A890
-
http://www.eeye.com/html/Research/Advisories/AD20040413D.html
Patch;Vendor Advisory
-
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-011
Microsoft Security Bulletin MS04-011 - Critical | Microsoft Learn
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/15707
-
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A911
-
http://lists.grok.org.uk/pipermail/full-disclosure/2004-April/020068.html
Products affected by CVE-2003-0910
- cpe:2.3:o:microsoft:windows_nt:4.0:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_2000:*:*:*:*:*:*:*:*