9.8
CVE-2003-1233
- EPSS 1.63%
- Veröffentlicht 31.12.2003 05:00:00
- Zuletzt bearbeitet 16.06.2026 22:03:46
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginPedestal Software Integrity Protection Driver (IPD) 1.3 and earlier allows privileged attackers, such as rootkits, to bypass file access restrictions to the Windows kernel by using the NtCreateSymbolicLinkObject function to create a symbolic link to (1) \Device\PhysicalMemory or (2) to a drive letter using the subst command.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Pedestalsoftware ≫ Integrity Protection Driver Version <= 1.3
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.63% | 0.732 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 9.8 | 3.9 | 5.9 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
| nvd@nist.gov | 2.1 | 3.9 | 2.9 |
AV:L/AC:L/Au:N/C:N/I:P/A:N
|
CWE-59 Improper Link Resolution Before File Access ('Link Following')
The product attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.
http://www.phrack.org/show.php?p=59&a=16
http://archives.neohapsis.com/archives/bugtraq/2003-01/0017.html
http://archives.neohapsis.com/archives/bugtraq/2003-01/0018.html
http://secunia.com/advisories/7816
http://www.securityfocus.com/bid/6511
https://exchange.xforce.ibmcloud.com/vulnerabilities/10979