CVE-2004-2527

The local and remote desktop login screens in Microsoft Windows XP before SP2 and 2003 allow remote attackers to cause a denial of service (CPU and memory consumption) by repeatedly using the WinKey+"U" key combination, which causes multiple copies of Windows Utility Manager to be loaded more quickly than they can be closed when the copies detect that another instance is running.

CVSS v2.0 5.4 MEDIUM

5.4^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:H/Au:N/C:N/I:N/A:C

Exploitability : 4.9 / Impact : 6.9

Access Vector NETWORK

Access Complexity HIGH

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact COMPLETE

References

Link	Resource
http://archives.neohapsis.com/archives/fulldisclosure/2004-07/1313.html	Exploit Vendor Advisory
http://securitytracker.com/id?1010836
http://www.osvdb.org/8368	Exploit Patch Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/16851

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:microsoft:windows_2003_server:r2:::::::*
	cpe:2.3:o:microsoft:windows_xp::gold::::::*
	cpe:2.3:o:microsoft:windows_xp::sp1:tablet_pc:::::

History

No history.

Information

Published : 2004-12-31 05:00

Updated : 2024-02-04 16:52

NVD link : CVE-2004-2527

Mitre link : CVE-2004-2527

CVE.ORG link : CVE-2004-2527

JSON object : View

Products Affected

microsoft

windows_xp
windows_2003_server

CWE

NVD-CWE-Other

{"id": "CVE-2004-2527", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.4, "accessVector": "NETWORK", "vectorString": "AV:N/AC:H/Au:N/C:N/I:N/A:C", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "HIGH", "availabilityImpact": "COMPLETE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 6.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 4.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2004-12-31T05:00:00.000", "references": [{"url": "http://archives.neohapsis.com/archives/fulldisclosure/2004-07/1313.html", "tags": ["Exploit", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://securitytracker.com/id?1010836", "source": "cve@mitre.org"}, {"url": "http://www.osvdb.org/8368", "tags": ["Exploit", "Patch", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16851", "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "The local and remote desktop login screens in Microsoft Windows XP before SP2 and 2003 allow remote attackers to cause a denial of service (CPU and memory consumption) by repeatedly using the WinKey+\"U\" key combination, which causes multiple copies of Windows Utility Manager to be loaded more quickly than they can be closed when the copies detect that another instance is running."}], "lastModified": "2017-07-11T01:31:58.890", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows_2003_server:r2:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "4E7FD818-322D-4089-A644-360C33943D29"}, {"criteria": "cpe:2.3:o:microsoft:windows_xp:*:gold:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "580B0C9B-DD85-40FA-9D37-BAC0C96D57FC"}, {"criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp1:tablet_pc:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "B9687E6C-EDE9-42E4-93D0-C4144FEC917A"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org", "evaluatorSolution": "The DoS flaw affects slower machines and those with less ram quicker than higher specification machines. On very hi-spec machines, the flaw does not seem to be exploitable."}