Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The NtSetLdtEntries function in the programming interface for the Local Descriptor Table (LDT) in Windows NT 4.0 and Windows 2000 allows local attackers to gain access to kernel memory and execute arbitrary code via an expand-down data segment descriptor descriptor that points to protected memory.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Windows Expand-Down数据段本地权限提升漏洞(MS04-011)
Vulnerability Description
Windows是微软开发的视窗操作系统。 Windows内核包含的NtSetLdtEntries API函数由于缺少充分的验证检查,本地攻击者可以利用这个漏洞提升权限。 问题是内核中两个独立但又有联系的漏洞引起的,第一个问题是NtSetLdtEntries API函数缺少充分验证,可绕过安全检查和可建立危险数据段。第二个问题是部分内核代码缺少过滤,用户代码传递一引用到恶意段 (使用 NtSetLdtEntries建立),可导致修改任意内存地址。 攻击者本地登录系统,可建立恶意LDT条目访问受保护的内存,造
CVSS Information
N/A
Vulnerability Type
N/A