NtSetLdtEntries Function Vulnerability: Local Privilege Escalation and Arbitrary Code Execution

NtSetLdtEntries Function Vulnerability: Local Privilege Escalation and Arbitrary Code Execution

CVE-2003-0910 · HIGH Severity

AV:L/AC:L/AU:N/C:C/I:C/A:C

The NtSetLdtEntries function in the programming interface for the Local Descriptor Table (LDT) in Windows NT 4.0 and Windows 2000 allows local attackers to gain access to kernel memory and execute arbitrary code via an expand-down data segment descriptor descriptor that points to protected memory.

Learn more about our Web Application Penetration Testing UK.