{"vuid":"VU#783748","idnumber":"783748","name":"Microsoft Windows Virtual DOS Machine (VDM) contains null pointer dereference","keywords":["Microsoft","Windows","Virtual DOS Machine","VDM","null pointer","AD20040413E","Q835732","MS04-011"],"overview":"Microsoft Windows NT4.0 and Windows 2000 contain a vulnerability that could permit a local user to gain elevated privileges on the system.","clean_desc":"Microsoft Windows NT4.0 and Windows 2000 provide an Virtual DOS Machine (VDM) to support 16-bit legacy operations and applications. A vulnerability in the implementation of the VDM may lead to the dereferencing of a NULL pointer. This situation occurs when 16-bit code is executed without first initializing a VDM. For more details, please see Microsoft Security Bulletin MS04-011 and eEye Digital Security Advisory [AD20040413E].","impact":"A local user may be able to gain elevated privileges on the system.","resolution":"Apply a patch from the vendor Microsoft Security Bulletin MS04-011 contains patch information to resolve this issue.","workarounds":"","sysaffected":"","thanks":"Thanks to Microsoft and eEye Digital Security for reporting this vulnerability.","author":"This document was written by Jason A Rafail.","public":["http://www.eeye.com/html/Research/Advisories/AD20040413E.html","http://www.microsoft.com/technet/security/bulletin/ms04-011.mspx"],"cveids":["CVE-2004-0118"],"certadvisory":"","uscerttechnicalalert":null,"datecreated":"2004-04-13T19:59:31Z","publicdate":"2004-04-13T00:00:00Z","datefirstpublished":"2004-04-14T15:05:59Z","dateupdated":"2004-04-14T15:06:40Z","revision":3,"vrda_d1_directreport":"","vrda_d1_population":"","vrda_d1_impact":"","cam_widelyknown":"15","cam_exploitation":"0","cam_internetinfrastructure":"7","cam_population":"15","cam_impact":"20","cam_easeofexploitation":"7","cam_attackeraccessrequired":"10","cam_scorecurrent":"8.6625","cam_scorecurrentwidelyknown":"10.63125","cam_scorecurrentwidelyknownexploited":"18.50625","ipprotocol":"","cvss_accessvector":"","cvss_accesscomplexity":"","cvss_authentication":null,"cvss_confidentialityimpact":"","cvss_integrityimpact":"","cvss_availabilityimpact":"","cvss_exploitablity":null,"cvss_remediationlevel":"","cvss_reportconfidence":"","cvss_collateraldamagepotential":"","cvss_targetdistribution":"","cvss_securityrequirementscr":"","cvss_securityrequirementsir":"","cvss_securityrequirementsar":"","cvss_basescore":"","cvss_basevector":"","cvss_temporalscore":"","cvss_environmentalscore":"","cvss_environmentalvector":"","metric":8.6625,"vulnote":null}