CVE-2004-0893 - Incoordinate Article

Description

The Local Procedure Call (LPC) interface of the Windows Kernel for Windows NT 4.0 Windows 2000 Windows XP and Windows Server 2003 does not properly validate the lengths of messages sent to the LPC port which allows local users to gain privileges aka \Windows Kernel Vulnerability.\

Reference

https://exchange.xforce.ibmcloud.com/vulnerabilities/18339 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A450 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4458 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4021 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2008 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1886 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1581 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1561 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1321 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-044