Vulnerabilities > CVE-2003-1246 - Symbolic Link Bypass vulnerability in Pedestal Software Integrity Protection Driver 1.2/1.3
Attack vector
LOCAL Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
PARTIAL Availability impact
NONE Summary
NtCreateSymbolicLinkObject in ntdll.dll in Integrity Protection Driver (IPD) 1.2 and 1.3 allows local users to create and overwrite arbitrary files via a symlink attack on \winnt\system32\drivers using the subst command.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 2 |