Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-1999-1365

Overview

Vulnerability Score 7.2 7.2
CVE Id CVE-1999-1365
Last Modified 05 Sep 2008 04:19:20
Published 28 Jun 1999 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-1999-1365

Summary

Windows NT searches a user's home directory (%systemroot% by default) before other directories to find critical programs such as NDDEAGNT.EXE, EXPLORER.EXE, USERINIT.EXE or TASKMGR.EXE, which could allow local users to bypass access restrictions or gain privileges by placing a Trojan horse program into the root directory, which is writable by default.

Vulnerable Systems

Operating System

  • Microsoft Windows Nt


References

BID - 0515

NTBUGTRAQ - 19990628 NT runs Explorer.exe, Taskmgr.exe etc. from wrong location

XF - nt-login-default-folder(2336)

NTBUGTRAQ - 19990630 Update: NT runs explorer.exe, etc...


Last Updated: 27 May 2016 10:35:24