Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-1999-1431


Vulnerability Score 4.6 4.6
CVE Id CVE-1999-1431
Last Modified 05 Sep 2008 04:19:30
Published 07 Jan 2005 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector LOCAL
Access Complexity LOW
Authentication NONE



ZAK in Appstation mode allows users to bypass the "Run only allowed apps" policy by starting Explorer from Office 97 applications (such as Word), installing software into the TEMP directory, and changing the name to that for an allowed application, such as Winword.exe.

Vulnerable Systems


  • Microsoft Zero Administration Kit 1.0


BID - 181

NTBUGTRAQ - 19990109 WinNT, ZAK and Office 97

NTBUGTRAQ - 19990107 WinNT, ZAK and Office 97

Last Updated: 27 May 2016 10:35:26