CVE-1999-1317

CVSS 2.0 Score 4.6 of 10 (medium)

Details

Published Dec 31, 1999

Updated: Nov 20, 2024

Summary

CVE-1999-1317 is a vulnerability affecting Windows NT 4.0 SP4 and earlier versions. This issue allows local users to manipulate symbolic links in the \\?? object folder by using different case letters, enabling them to gain elevated privileges. By modifying these links, users can effectively redirect system access to other devices or directories, resulting in unauthorized access or data corruption. This vulnerability underscores the importance of securely managing symbolic links and user access rights in Windows operating systems.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Microsoft Windows NT

Affected Vendors

Microsoft

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/NWlXGd
https://www.cve.org/CVERecord?id=CVE-1999-1317
https://nvd.nist.gov/vuln/detail/CVE-1999-1317

Back to Vulnerability Database