CVE-2003-0910

Windows NT 4.0/2000 - RCE

Title source: llm

Description

The NtSetLdtEntries function in the programming interface for the Local Descriptor Table (LDT) in Windows NT 4.0 and Windows 2000 allows local attackers to gain access to kernel memory and execute arbitrary code via an expand-down data segment descriptor descriptor that points to protected memory.

Exploits (1)

exploitdb WORKING POC VERIFIED

by [email protected] · clocalwindows

https://www.exploit-db.com/exploits/23989

View Code ZIP pw:eip

References (10)

[Third Party Advisory, US Government Resource] http://www.ciac.org/ciac/bulletins/o-114.shtml

[Vendor Advisory] https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-011

[Mailing List] http://lists.grok.org.uk/pipermail/full-disclosure/2004-April/020068.html

[Third Party Advisory, VDB Entry] https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A911

[Third Party Advisory, VDB Entry] https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A890

[Patch, Vendor Advisory] http://www.eeye.com/html/Research/Advisories/AD20040413D.html

[Third Party Advisory, US Government Resource] http://www.us-cert.gov/cas/techalerts/TA04-104A.html

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/10122

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/15707

[Patch, Third Party Advisory, US Government Resource] http://www.kb.cert.org/vuls/id/122076

Scores

EPSS 0.0601

EPSS Percentile 90.7%

Details

Status published

Products (2)

microsoft/windows_2000

microsoft/windows_nt 4.0

Published Jun 01, 2004

Tracked Since Feb 18, 2026