CVE-2004-1080

The WINS service (wins.exe) on Microsoft Windows NT Server 4.0, Windows 2000 Server, and Windows Server 2003 allows remote attackers to write to arbitrary memory locations and possibly execute arbitrary code via a modified memory pointer in a WINS replication packet to TCP port 42, aka the "Association Context Vulnerability."

Published: Jan 10, 2005
Updated: Apr 13, 2023
CVE: CVE-2004-1080
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 10
AV:N/AC:L/Au:N/C:C/I:C/A:C

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
microsoft / windows_nt	4.0-sp3	4.0-sp3.x
microsoft / windows_2003_server	web	web.x
microsoft / windows_2003_server	enterprise	enterprise.x
microsoft / windows_2003_server	2003	2003.x
microsoft / windows_2003_server	enterprise_64-bit	enterprise_64-bit.x
microsoft / windows_2000	-	-
microsoft / windows_nt	4.0-sp6	4.0-sp6.x
microsoft / windows_nt	4.0	4.0.x
microsoft / windows_nt	4.0-sp1	4.0-sp1.x
microsoft / windows_nt	4.0-sp4	4.0-sp4.x
microsoft / windows_2003_server	2000	2000.x
microsoft / windows_nt	4.0-sp5	4.0-sp5.x
microsoft / windows_2003_server	r2	r2.x
microsoft / windows_nt	4.0-sp6a	4.0-sp6a.x
microsoft / windows_nt	4.0-sp2	4.0-sp2.x
microsoft / windows_2003_server	standard	standard.x

Vulnerability Database

289,599

CVE-2004-1080