CVSS: 2.1EPSS: 0%CPEs: 3EXPL: 1CVE-2004-1718
https://notcve.org/view.php?id=CVE-2004-1718
The ZwOpenSection function in Integrity Protection Driver (IPD) 1.4 and earlier allows local users to cause a denial of service (crash) via an invalid pointer in the "oa" argument. • http://marc.info/?l=bugtraq&m=109276749821133&w=2 http://secunia.com/advisories/12169 http://www.ngsec.com/docs/advisories/NGSEC-2004-6.txt http://www.securityfocus.com/bid/10965 https://exchange.xforce.ibmcloud.com/vulnerabilities/17010 •
CVSS: 2.1EPSS: 0%CPEs: 2EXPL: 0CVE-2003-1246
https://notcve.org/view.php?id=CVE-2003-1246
NtCreateSymbolicLinkObject in ntdll.dll in Integrity Protection Driver (IPD) 1.2 and 1.3 allows local users to create and overwrite arbitrary files via a symlink attack on \winnt\system32\drivers using the subst command. • http://archives.neohapsis.com/archives/bugtraq/2003-01/0017.html http://archives.neohapsis.com/archives/bugtraq/2003-01/0018.html http://www.iss.net/security_center/static/10979.php http://www.securityfocus.com/bid/6511 •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2003-1233
https://notcve.org/view.php?id=CVE-2003-1233
Pedestal Software Integrity Protection Driver (IPD) 1.3 and earlier allows privileged attackers, such as rootkits, to bypass file access restrictions to the Windows kernel by using the NtCreateSymbolicLinkObject function to create a symbolic link to (1) \Device\PhysicalMemory or (2) to a drive letter using the subst command. • http://archives.neohapsis.com/archives/bugtraq/2003-01/0017.html http://archives.neohapsis.com/archives/bugtraq/2003-01/0018.html http://secunia.com/advisories/7816 http://www.phrack.org/show.php?p=59&a=16 http://www.securityfocus.com/bid/6511 https://exchange.xforce.ibmcloud.com/vulnerabilities/10979 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •