CVE-2003-0910

The NtSetLdtEntries function in the programming interface for the Local Descriptor Table (LDT) in Windows NT 4.0 and Windows 2000 allows local attackers to gain access to kernel memory and execute arbitrary code via an expand-down data segment descriptor descriptor that points to protected memory.

Published: Jun 1, 2004
Updated: Apr 13, 2023
CVE: CVE-2003-0910
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 7.2
AV:L/AC:L/Au:N/C:C/I:C/A:C

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
microsoft / windows_nt	4.0	4.0.x
microsoft / windows_2000	-	-

http://lists.grok.org.uk/pipermail/full-disclosure/2004-April/020068.html
http://www.ciac.org/ciac/bulletins/o-114.shtml
http://www.eeye.com/html/Research/Advisories/AD20040413D.html
http://www.kb.cert.org/vuls/id/122076
http://www.securityfocus.com/bid/10122
http://www.us-cert.gov/cas/techalerts/TA04-104A.html
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-011
https://exchange.xforce.ibmcloud.com/vulnerabilities/15707
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A890
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A911

Vulnerability Database

289,599

CVE-2003-0910