The Local Procedure Call (LPC) interface of the Windows Kernel for Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 does not properly validate the lengths of messages sent to the LPC port, which allows local users to gain privileges, aka "Windows Kernel Vulnerability."
| Date Added | Due Date | Vulnerability Name | Required Action |
|---|---|---|---|
| N/A |
| Type | Version | Base score | Base severity | Vector |
|---|---|---|---|---|
| Primary | 2.0 | 7.2 | HIGH | AV:L/AC:L/Au:N/C:C/I:C/A:C |
| CWE ID | Type | Source |
|---|---|---|
| NVD-CWE-Other | Primary | nvd@nist.gov |