Vulnerability Database

289,599

Total vulnerabilities in the database

CVE-2004-0893

The Local Procedure Call (LPC) interface of the Windows Kernel for Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 does not properly validate the lengths of messages sent to the LPC port, which allows local users to gain privileges, aka "Windows Kernel Vulnerability."

  • Published: Jan 10, 2005
  • Updated: Apr 13, 2023
  • CVE: CVE-2004-0893
  • Severity: High
  • Exploit:

CVSS v2:

  • Severity: High
  • Score: 7.2
  • AV:L/AC:L/Au:N/C:C/I:C/A:C

No CWE or OWASP classifications available.

Software From Fixed in
microsoft / windows_nt 4.0-sp5 4.0-sp5.x
microsoft / windows_2003_server web-sp1_beta_1 web-sp1_beta_1.x
microsoft / windows_xp - -
microsoft / windows_nt 4.0-sp3 4.0-sp3.x
microsoft / windows_2003_server web web.x
microsoft / windows_2003_server enterprise enterprise.x
microsoft / windows_nt 4.0-sp6a 4.0-sp6a.x
microsoft / windows_2003_server enterprise_64-bit enterprise_64-bit.x
microsoft / windows_2003_server enterprise-sp1_beta_1 enterprise-sp1_beta_1.x
microsoft / windows_2000 - -
microsoft / windows_nt 4.0-sp6 4.0-sp6.x
microsoft / windows_nt 4.0 4.0.x
microsoft / windows_nt 4.0-sp1 4.0-sp1.x
microsoft / windows_2003_server datacenter_64-bit-sp1_beta_1 datacenter_64-bit-sp1_beta_1.x
microsoft / windows_nt 4.0-sp4 4.0-sp4.x
microsoft / windows_2003_server standard-sp1_beta_1 standard-sp1_beta_1.x
microsoft / windows_nt 4.0-sp2 4.0-sp2.x
microsoft / windows_2003_server r2 r2.x
microsoft / windows_2003_server r2-sp1_beta_1 r2-sp1_beta_1.x
microsoft / windows_2003_server standard standard.x
microsoft / windows_2003_server enterprise_64-bit-sp1_beta_1 enterprise_64-bit-sp1_beta_1.x