Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2004-2527

The local and remote desktop login screens in Microsoft Windows XP before SP2 and 2003 allow remote attackers to cause a denial of service (CPU and memory consumption) by repeatedly using the WinKey+"U" key combination, which causes multiple copies of Windows Utility Manager to be loaded more quickly than they can be closed when the copies detect that another instance is running.

Published

2004-12-31T05:00:00.000

Last Modified

2025-04-03T01:03:51.193

Status

Deferred

Source

[email protected]

Severity

CVSSv2: 5.4 (MEDIUM)

CVSSv2 Vector

AV:N/AC:H/Au:N/C:N/I:N/A:C

Access Vector: NETWORK
Access Complexity: HIGH
Authentication: NONE
Confidentiality Impact: NONE
Integrity Impact: NONE
Availability Impact: COMPLETE

Exploitability Score

4.9

Impact Score

6.9

Weaknesses

Type: Primary
NVD-CWE-Other

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	microsoft	windows_2003_server	r2	No
Operating System	microsoft	windows_xp	*	No
Operating System	microsoft	windows_xp	*	No

References

http://archives.neohapsis.com/archives/fulldisclosure/2004-07/1313.html Exploit, Vendor Advisory ([email protected])
http://securitytracker.com/id?1010836 ([email protected])
http://www.osvdb.org/8368 Exploit, Patch, Vendor Advisory ([email protected])
https://exchange.xforce.ibmcloud.com/vulnerabilities/16851 ([email protected])
http://archives.neohapsis.com/archives/fulldisclosure/2004-07/1313.html Exploit, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://securitytracker.com/id?1010836 (af854a3a-2127-422b-91ae-364da2661108)
http://www.osvdb.org/8368 Exploit, Patch, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://exchange.xforce.ibmcloud.com/vulnerabilities/16851 (af854a3a-2127-422b-91ae-364da2661108)