CVE-2004-0118 Information

Description

The component for the Virtual DOS Machine (VDM) subsystem in Windows NT 4.0 and Windows 2000 does not properly validate system structures which allows local users to access protected kernel memory and execute arbitrary code.

Reference

http://lists.grok.org.uk/pipermail/full-disclosure/2004-April/020070.html http://www.ciac.org/ciac/bulletins/o-114.shtml http://www.eeye.com/html/Research/Advisories/AD20040413E.html http://www.kb.cert.org/vuls/id/783748 http://www.securityfocus.com/bid/10117 http://www.us-cert.gov/cas/techalerts/TA04-104A.html https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-011 https://exchange.xforce.ibmcloud.com/vulnerabilities/15714 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A1512 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A1718