VYPR
← All advisories
Unrated severityNVD Advisory· Published Jun 1, 2004· Updated Apr 16, 2026

CVE-2004-0124

CVE-2004-0124

Description

The DCOM RPC interface for Microsoft Windows NT 4.0, 2000, XP, and Server 2003 allows remote attackers to cause network communications via an "alter context" call that contains additional data, aka the "Object Identity Vulnerability."

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

The Object Identity Vulnerability in Microsoft Windows DCOM RPC allows remote attackers to discover object identifiers, potentially enabling unauthorized network communication.

Vulnerability

The Object Identity Vulnerability (CVE-2004-0124) exists in the DCOM RPC interface of Microsoft Windows NT 4.0, 2000, XP, and Server 2003. The issue is that the COM (Component Object Model) component creates object identifiers in a predictable manner, allowing an attacker to discover valid object identifiers via a specially crafted "alter context" call containing additional data. Affected versions include Windows NT 4.0 SP6a, Windows 2000 SP2-SP4, Windows XP (including SP1 and 64-Bit Edition), and Windows Server 2003 [1][3].

Exploitation

An attacker can exploit this vulnerability by sending a crafted DCOM RPC request to a target system. The attacker does not require authentication but needs network access to the target. By manipulating the "alter context" call with additional data, the attacker can enumerate valid object identifiers. This information can then be used to trigger the system to open network communication ports that were previously closed or filtered [3].

Impact

Successful exploitation allows an attacker to discover object identifiers, potentially leading to information disclosure about the system. Moreover, the attacker can cause applications to open and communicate over alternate or unexpected ports, bypassing security policies and potentially enabling further attacks. The vulnerability does not directly grant code execution but can facilitate network-based attacks [1][3].

Mitigation

Microsoft released security bulletin MS04-012 on April 13, 2004, providing updates for all affected Windows versions. Customers are recommended to apply the update immediately [1]. No workarounds are documented in the available references. The vulnerability is not listed in the CISA Known Exploited Vulnerabilities catalog as of the publication date.

References
  1. Microsoft Security Bulletin MS04-012 - Critical
  2. CERT/CC Vulnerability Note VU#212892

AI Insight generated on May 24, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

11
  • Microsoft/Windows 20002 versions
    cpe:2.3:o:microsoft:windows_2000:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:o:microsoft:windows_2000:*:*:*:*:*:*:*:*
    • (no CPE)
  • Microsoft/Windows Server 20032 versions
    cpe:2.3:o:microsoft:windows_2003_server:r2:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:o:microsoft:windows_2003_server:r2:*:*:*:*:*:*:*
    • (no CPE)
  • Microsoft/Windows Nt4 versions
    cpe:2.3:o:microsoft:windows_nt:4.0:*:*:*:*:*:*:*+ 3 more
    • cpe:2.3:o:microsoft:windows_nt:4.0:*:*:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_nt:4.0:*:server:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_nt:4.0:*:terminal_server:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_nt:4.0:*:workstation:*:*:*:*:*
  • Microsoft/Windows Xp2 versions
    cpe:2.3:o:microsoft:windows_xp:*:gold:*:*:*:*:*:*+ 1 more
    • cpe:2.3:o:microsoft:windows_xp:*:gold:*:*:*:*:*:*
    • (no CPE)
  • Microsoft/Windows NT 4.0llm-fuzzy

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

11

News mentions

0

No linked articles in our index yet.