NDProxy.sys in the kernel in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 allows local users to gain privileges via a crafted application, as exploited in the wild in November 2013. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Actively exploited in the wild (cisa kev) and public exploit code available.
Information Disclosure
Microsoft
NVD
Exploit-DB
VulDB
CVSS 3.1
7.8
EPSS
63.8%
Threat
6.5