CVE-1999-1104

CVSS 2.0 Score 4.6 of 10 (medium)

Details

Published Dec 31, 1999

Updated: Nov 20, 2024

Summary

CVE-1999-1104 is a vulnerability affecting Windows 95 systems. The weakness lies in the encryption used for the password list (.pwl) file, which is employed when password caching is enabled. An attacker can exploit this vulnerability by decrypting the passwords in the file, enabling them to gain local privileges. This issue poses a significant risk, particularly in enterprise environments, as it allows unauthorized access to sensitive information. Windows 95 users should disable password caching or apply applicable patches to mitigate the threat.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Microsoft Windows 95

Affected Vendors

Microsoft

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/NWlPtu
https://www.cve.org/CVERecord?id=CVE-1999-1104
https://nvd.nist.gov/vuln/detail/CVE-1999-1104

Back to Vulnerability Database