Vulnerabilities > CVE-2003-1246 - Unspecified vulnerability in Pedestal Software Integrity Protection Driver 1.2/1.3
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
NtCreateSymbolicLinkObject in ntdll.dll in Integrity Protection Driver (IPD) 1.2 and 1.3 allows local users to create and overwrite arbitrary files via a symlink attack on \winnt\system32\drivers using the subst command.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 2 |
References
- http://archives.neohapsis.com/archives/bugtraq/2003-01/0017.html
- http://archives.neohapsis.com/archives/bugtraq/2003-01/0017.html
- http://archives.neohapsis.com/archives/bugtraq/2003-01/0018.html
- http://archives.neohapsis.com/archives/bugtraq/2003-01/0018.html
- http://www.iss.net/security_center/static/10979.php
- http://www.iss.net/security_center/static/10979.php
- http://www.securityfocus.com/bid/6511
- http://www.securityfocus.com/bid/6511