Lucene search

[email protected]NVD:CVE-1999-1431

HistoryJan 07, 2005 - 5:00 a.m.

CVE-1999-1431

2005-01-0705:00:00

[email protected]

web.nvd.nist.gov

CVSS2

4.6

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

AI Score

6.5

Confidence

Low

EPSS

0.001

Percentile

47.2%

JSON

ZAK in Appstation mode allows users to bypass the “Run only allowed apps” policy by starting Explorer from Office 97 applications (such as Word), installing software into the TEMP directory, and changing the name to that for an allowed application, such as Winword.exe.

Affected configurations

Nvd

Node

microsoftzero_administration_kitMatch1.0

VendorProductVersionCPE
microsoftzero_administration_kit1.0cpe:2.3:a:microsoft:zero_administration_kit:1.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
microsoft	zero_administration_kit	1.0	cpe:2.3:a:microsoft:zero_administration_kit:1.0:::::::*

References

marc.info/?l=ntbugtraq&m=91576100022688&w=2

marc.info/?l=ntbugtraq&m=91606260910008&w=2

www.securityfocus.com/bid/181

CVSS2

4.6

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

AI Score

6.5

Confidence

Low

EPSS

0.001

Percentile

47.2%

JSON

Related for NVD:CVE-1999-1431

cvelist1 exploitdb1 cve1