Vulnerabilities > CVE-1999-1317 - Unspecified vulnerability in Microsoft Windows NT 3.5.1/4.0

CVSS 4.6 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

local

low complexity

microsoft

NVD

Published: 1999-12-31

Updated: 2017-10-10

Summary

Windows NT 4.0 SP4 and earlier allows local users to gain privileges by modifying the symbolic link table in the \?? object folder using a different case letter (upper or lower) to point to a different device.

Vulnerable Configurations

Part	Description	Count
OS	Microsoft Microsoft Windows NT 3.5.1 Microsoft Windows NT 4.0	17

References

http://marc.info/?l=ntbugtraq&m=92127046701349&w=2
http://marc.info/?l=ntbugtraq&m=92162979530341&w=2
http://support.microsoft.com/support/kb/articles/q222/1/59.asp
https://exchange.xforce.ibmcloud.com/vulnerabilities/7398