CVE-2004-0210

CVE Database · CVE-2004-0210

CVE-2004-0210

· HIGHAnalyzed

CVSS v3.1

7.8

EPSS

5.74%

Published

Aug 6, 2004

Modified

Apr 16, 2026

CISA Known Exploited Vulnerability

Added: 2022-03-03 · Due: 2022-03-24

Apply updates per vendor instructions.

Public PoC / Exploit (2)

All weaponized →

Exploit-DBMicrosoft Windows NT 4.0/2000 - POSIX Subsystem Local Buffer Overflow / Local Privilege Escalation (MS04-020)TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

The POSIX component of Microsoft Windows NT and Windows 2000 allows local users to execute arbitrary code via certain parameters, possibly by modifying message length values and causing a buffer overflow.

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Weaknesses (CWE)

CWE-120CWE-120

Affected Products (7)

microsoft · interixvulnerable

microsoft · windows_2000vulnerable

microsoft · windows_ntvulnerable

References (13)

http://www.kb.cert.org/vuls/id/647436

PatchThird Party AdvisoryUS Government Resource

http://www.us-cert.gov/cas/techalerts/TA04-196A.html

Broken LinkPatchThird Party Advisory

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-020

PatchVendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/16590

Third Party AdvisoryVDB Entry

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2166

KEV Catalog EPSS Scores Vendors All CVEs