CVE-2004-2339

Published: Dec 31, 2004Modified: Apr 16, 2026

8.4

Vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitability: 2.5 / Impact: 5.9

Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0 (Secondary)

Description

Microsoft Windows 2000, XP, and possibly 2003 allows local users with the SeDebugPrivilege privilege to execute arbitrary code as kernel and read or write kernel memory via the NtSystemDebugControl function, which does not verify its pointer arguments. Note: this issue has been disputed, since Administrator privileges are typically required to exploit this issue, thus privilege boundaries are not crossed

Affected (3)

Products: Microsoft: Windows 2000, Windows 2003 Server, Windows Xp

3 products

Windows 2003 Server

Configuration A

3 vulnerable

Vulnerable Software	Affected Versions
Microsoft Windows 2000	All versions
Microsoft Windows 2003 Server	Version r2
Microsoft Windows Xp	All versions

References (10)

http://archives.neohapsis.com/archives/bugtraq/2004-02/0529.html

Source: cve@mitre.org

http://archives.neohapsis.com/archives/bugtraq/2004-02/0530.html

Source: cve@mitre.org

http://www.securityfocus.com/archive/1/354392

Source: cve@mitre.org

Vendor Advisory

http://www.securitytracker.com/id?1009128

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/15263

Source: cve@mitre.org

http://archives.neohapsis.com/archives/bugtraq/2004-02/0529.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://archives.neohapsis.com/archives/bugtraq/2004-02/0530.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/archive/1/354392

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.securitytracker.com/id?1009128

Source: af854a3a-2127-422b-91ae-364da2661108

https://exchange.xforce.ibmcloud.com/vulnerabilities/15263

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.