CVE-2004-0210

Published: Aug 6, 2004Modified: Apr 16, 2026CISA KEV

7.8

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 1.8 / Impact: 5.9

Source: NVD

Description

The POSIX component of Microsoft Windows NT and Windows 2000 allows local users to execute arbitrary code via certain parameters, possibly by modifying message length values and causing a buffer overflow.

Affected (7)

Products: Microsoft: Interix, Windows 2000, Windows Nt

3 products

Configuration A

7 vulnerable

Vulnerable Software	Affected Versions
Microsoft Interix	Version 2.2
Microsoft Windows 2000	All versions
Microsoft Windows 2000	All versions
Microsoft Windows 2000	All versions
Microsoft Windows Nt	Version 4.0 sp6a
Microsoft Windows Nt	Version 4.0 sp6a
Microsoft Windows Nt	Version 4.0 sp6a

Related CWEs

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.

References (13)

http://www.kb.cert.org/vuls/id/647436

Source: cve@mitre.org

PatchThird Party AdvisoryUS Government Resource

http://www.us-cert.gov/cas/techalerts/TA04-196A.html

Source: cve@mitre.org

Broken LinkPatchThird Party AdvisoryUS Government Resource

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-020

Source: cve@mitre.org

PatchVendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/16590

Source: cve@mitre.org

Third Party AdvisoryVDB Entry

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2166

Source: cve@mitre.org

Broken Link

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2847

Source: cve@mitre.org

Broken Link

http://www.kb.cert.org/vuls/id/647436

Source: af854a3a-2127-422b-91ae-364da2661108

PatchThird Party AdvisoryUS Government Resource

http://www.us-cert.gov/cas/techalerts/TA04-196A.html

Source: af854a3a-2127-422b-91ae-364da2661108

Broken LinkPatchThird Party AdvisoryUS Government Resource

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-020

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/16590

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2166

Source: af854a3a-2127-422b-91ae-364da2661108

Broken Link

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2847

Source: af854a3a-2127-422b-91ae-364da2661108

Broken Link

https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2004-0210

Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0

US Government Resource

Timeline

No history available yet.